Saturday, July 18, 2026, 14:05
Home»Cryptocurrency»TrustedVolumes exploiter returns $2M, keeps equal share as b...
RSS

TrustedVolumes exploiter returns $2M, keeps equal share as bounty

TrustedVolumes exploiter returns $2M, keeps equal share as bounty

The Ethereum transfer marks a significant, albeit incomplete, resolution to the security incident that first hit TrustedVolumes on May 7. While the company confirmed total losses reaching roughly $6.7 million, the current repayment covers only a portion of those assets. TrustedVolumes had previously signaled an openness to negotiating a bounty in exchange for the return of funds, though the firm has not yet formally accepted the attacker's conditions or the specific terms of this payout.

Security analysis from Blockaid and Verichains traced the vulnerability to a custom request-for-quote (RFQ) swap proxy used by the firm. The exploit bypassed standard security measures by targeting an improperly protected public function in the Ethereum resolver setup. This flaw allowed the attacker to masquerade as an approved order signer and drain assets including WETH, WBTC, and USDC directly from the inventory vault. Although the incident involved liquidity provided through 1inch, the aggregator’s core contracts remained secure, isolating the breach to TrustedVolumes’ specific infrastructure.

Share:

Comments (0)

Leave a comment

No comments yet. Be the first!