What to know:
- Hackers drained millions after exploiting a TrustedVolumes signature verification vulnerability.
- SlowMist revealed that attackers quickly laundered stolen Ethereum, Bitcoin, and stablecoin holdings.
- TrustedVolumes exploit raises renewed concerns surrounding decentralized finance security standards.
Another security failure has struck the decentralized finance industry after attackers exploited a vulnerability inside TrustedVolumes, a liquidity provider operating within the 1inch ecosystem. Blockchain investigators quickly detected unusual fund movements after millions of dollars vanished from wallets connected to the protocol.
According to blockchain security firm SlowMist, the exploit allowed hackers to drain nearly $5.9 million in Ethereum (ETH), Wrapped Bitcoin (WBTC), USD Coin (USDC), and Tether (USDT). The attack reportedly targeted a weakness tied directly to the protocol’s signature validation system.
Moreover, the exploit intensified concerns surrounding decentralized trading platforms that rely heavily on smart contract approvals and cryptographic verification. Since TrustedVolumes operates using a Request for Quote structure, traders and liquidity providers must sign transactions before execution. Consequently, any flaw involving signature verification creates a serious security threat.
SlowMist’s findings showed the attacker stole approximately 1,291 ETH valued at over $3 million. Additionally, the hacker secured 16.94 WBTC worth nearly $1.4 million alongside over $1.4 million combined in stablecoins.
TrustedVolumes Signature Flaw Triggered Massive Crypto Drain
Investigators revealed that the exploit originated from a logical weakness inside the protocol’s fillOrder function. The flaw reportedly enabled attackers to bypass authorization checks and forge trading instructions without obtaining legitimate approval from users.
Besides exposing weaknesses inside TrustedVolumes, the incident also highlighted broader risks tied to RFQ-based decentralized trading systems. Unlike platforms such as Uniswap, RFQ protocols depend on direct agreements between makers and takers instead of liquidity pools.
Consequently, secure signature verification becomes critical for preventing unauthorized order execution. However, a single coding mistake inside core contract logic proved enough to compromise millions in user-linked assets within minutes.
According to on-chain data shared by SlowMist, the attacker immediately began laundering the stolen assets after completing the exploit. Records showed the hacker routing stablecoins and Wrapped Bitcoin through decentralized exchanges shortly after draining the funds.
Meanwhile, the latest exploit added further pressure on decentralized finance developers already facing rising criticism over recurring smart contract vulnerabilities. Several protocols across the industry have experienced similar attacks this year, particularly platforms handling liquidity routing and peer-to-peer settlement systems.
The TrustedVolumes exploit has reinforced ongoing concerns surrounding smart contract security within decentralized finance infrastructure. Although DeFi platforms continue expanding globally, vulnerabilities involving authorization logic remain one of the sector’s most damaging operational risks.
