Updated Market maker and liquidity provider TrustedVolumes joined a growing list of decentralized finance (DeFi) hacks in 2026 as it confirmed a theft of approximately $6.7mn.
TrustedVolumes Hit for $6.7mn in Latest DeFI Exploit
8 May 2026 - 08:34 CEST
Three wallets
In a 7 May post on X, TrustedVolumes said the stolen funds were split across three wallets, with two addresses each holding about $3mn and a third holding about $700,000. A vulnerability in the company's custom RFQ swap proxy contract gave an attacker unauthorized permissions, allowing them to bypass safety checks on approvals.
It said no other protocols, including 1inch, were impacted by the exploit. TrustedVolumes acts as a resolver for decentralized exchange (DEX) 1inch, filling and executing its trade orders.
1inch distances itself
1inch issued its own statement on X to quell concerns that it was caught up in the breach. "We are aware of misleading reports relating to an exploit involving TrustedVolumes. We can confirm that neither 1inch nor any of the 1inch protocols are involved."
"There is no impact on 1inch systems, infrastructure or user funds," it added, noting that TrustedVolumes is not an exclusive liquidity provider.
Bounty offered
TrustedVolumes reached out to the attacker, posting: "We are open to constructive communication regarding a bug bounty and a mutually acceptable resolution."
Blockchain security firm CertiK said in a 7 May post on X that the attacker "registers as an AllowedOrderSigner through a public function, then executes the order to transfer from the victim." It advised users to "revoke any approval to the vulnerable contract."
April saw a record number of DeFi hacks, with around 30 incidents taking place. So far this year, the total amount of stolen funds exceeds $1bn. Topping the list was the Kelp exploit on 18 Apr, which drained approximately $292mn from the protocol via compromised LayerZero verifier nodes.
Esme Pau, Head of Capital Markets for CertiK told Sandmark that recent exploits had relied on a single point of failure.
"The Kelp hack happened because only one party had to approve cross-chain messages - one forged signature drained $292M. High-value protocols need multiple independent checks at every critical step: multiple signers on admin actions, multiple price feeds, multiple verifiers on bridges. And assume any one person on the team can get phished - the Drift attack was months of social engineering against staff with admin access."
She said that while regulation has shifted from policy debate to active enforcement for the digital asset industry, a bigger issue is adoption.
"CertiK's data shows that 80% of the top 100 exploited protocols had no formal pre-breach audit, and those protocols accounted for nearly 90% of total value lost. Roughly 76% of 2025 onchain losses came from unaudited protocols," she added.
"The frameworks exist; the gap is between protocols that treat security and compliance as core operational requirements and those that don't. The industry's job now is to close that gap - making continuous audits, monitoring, and incident reporting the baseline rather than the exception."
