The liquidity provider 1inch — TrustedVolumes — has lost nearly $6 million due to a hack. According to Blockaid, the attack targeted the project's router contract on the Ethereum network.

🚨 Blockaid's exploit detection system has identified an ongoing exploit on TrustedVolumes (1inch market maker / resolver, @trustedvolumes).
Chain: Ethereum

Victim contract: TrustedVolumes resolver — 0x9bA0CF1588E1DFA905eC948F7FE5104dD40EDa31

Exploiter:…

— Blockaid (@blockaid_) May 7, 2026

The stolen assets include:

  • 1,291 WETH;
  • 206,282 USDT;
  • 16,939 WBTC;
  • 1.2 million USDC.

Experts noted that the exploit originated from the same address that exploited a vulnerability in the 1inch smart contract in March 2025, resulting in a $5 million loss. This time, the issue was due to an error in a custom proxy contract for order swaps controlled by TrustedVolumes.

The project team confirmed the attack and published the hacker's wallet addresses.

🚨 We were recently exploited.

The addresses currently holding the stolen funds are:

[https://t.co/Uffg1StIhA] — approx. $3M
[https://t.co/gUCDHwOOTC] — approx. $3M
[https://t.co/68Lu7Bq0MJ]

[https://t.co/68Lu7Bq0MJ] —…

— TrustedVolumes (@trustedvolumes) May 7, 2026

“We are open to constructive dialogue regarding bug bounties and mutually acceptable solutions,” the developers stated.

DeFi Continues to Suffer

The hack of TrustedVolumes marks the fifth incident since the beginning of May. According to DefiLlama, previous victims include protocols Bisq, Sharwa.Finance, SmartCredit, and Ekubo, with the latter suffering the most significant loss of $1.4 million.

April set a record for the number of hacks in the crypto industry, with experts recording 20 attacks. The total amount stolen reached $635 million — the highest since February 2025, when the exchange Bybit lost nearly $1.5 billion.

Last month, Andrew Moss from Jefferies Bank stated that the series of exploits in the DeFi sector could dampen Wall Street's interest in blockchain technologies.

Ethereum co-founder Joseph Lubin believes that the new financial infrastructure is simply undergoing a painful strengthening process, with attackers revealing weaknesses in the protocols.