14,600 Bitcoin Sold in Profit in One Day: Here Is How BTC’s Own Structure Broke It Below $80K
Bitcoin's price dips below $80K as internal market dynamics take over.
NewsBTC1 min read
DeFi Platform TrustedVolumes Hit By $6.7M Hack As 2026 Exploits Surge
TL;DR
DeFi platform TrustedVolumes was hacked for approximately $6.7 million due to a smart contract exploit. The attacker stole multiple assets, including Wrapped Ethereum and USDT, by bypassing authorization checks.
Key points
- TrustedVolumes suffered a $6.7 million hack
- The attack involved a smart contract exploit
- Assets stolen included Wrapped Ethereum and USDT
- The hacker bypassed authorization checks
- TrustedVolumes confirmed the incident via social media
Mentioned in this story
TrustedVolumes
Wrapped EthereumWrapped Bitcoin
Another multi-million-dollar attack has hit the DeFi sector after liquidity provider and market maker TrustedVolumes fell victim to a smart contract exploit on Thursday night.
TrustedVolumes Hit By $6.7M Hack
On Thursday, DeFi platform TrustedVolumes, one of 1inch liquidity providers and market makers, suffered a new exploit that drained millions of dollars in multiple assets from the project.
According to reports from blockchain security firms PeckShield and Blockaid, the attacker stole approximately $6 million in Wrapped Ethereum (WETH), Wrapped Bitcoin (WBTC), USDT, and USDT after exploiting a vulnerability in the protocol’s core signature validation logic, which allowed them to bypass authorization checks and forge trading orders.
Notably, the hacker quickly exchanged all assets for 2.513 ETH on a Decentralized Exchange (DEX) and distributed them across three addresses. In an X post, TrustedVolumes confirmed the incident, sharing the addresses currently holding the stolen funds and updating the estimated loss to roughly $6.7 million.
TrustedVolumes confirms exploit. Source: X
The vulnerability was a TrustedVolumes-controlled custom RFQ (request for quote) swap proxy. Crypto researcher Humphrey explained that “the Custom RFQ Swap Proxy contract contains a function designed to manage the ‘authorized order signer’ whitelist. Such whitelist mechanisms are common in DeFi—only addresses on the whitelist can issue valid transaction instructions on behalf of the protocol.”
However, he noted that “this registration function is public and lacks any permission modifiers.” As a result, the attacker exploited this public function within the contract, registering themselves as an authorized order signer.
“Since any external address can call this function, it is equivalent to giving everyone the ability to make a copy of the safe’s key,” the researcher continued.
Same Hacker, Different Attack
Q&A
What happened to TrustedVolumes?
TrustedVolumes was hacked, resulting in a loss of approximately $6.7 million due to a smart contract exploit.
How much money was stolen in the TrustedVolumes hack?
The hack resulted in the theft of around $6.7 million from TrustedVolumes.
What assets were stolen in the TrustedVolumes attack?
The attacker stole Wrapped Ethereum (WETH), Wrapped Bitcoin (WBTC), and USDT among other assets.
How did the hacker exploit TrustedVolumes?
The hacker exploited a vulnerability in the protocol's core signature validation logic, allowing them to bypass authorization checks.
