1inch recovers 5 million after smart contract breach
1min read Decentralized exchange (DEX) aggregator 1inch experienced a critical breach of its smart contracts last week. However, following negotiations with the hacker, the exchange successfully recovered most of the $5 million stolen.
Despite the recovery, the attack highlights the ongoing security challenges within the DeFi ecosystem. 1inch experienced this particular breach on March 5. Investigators attributed it to a vulnerability in an outdated version of the platform’s smart contract. After discussions and a generous bug bounty, the attacker returned the funds.
1inch explained in the March 7 blog that the breach was caused by a flaw in the fusion v1 resolver smart contract, an obsolete platform component. The team detected the incident at approximately 6 PM UTC on March 5. Attackers exploited outdated logic within Fusion v1 to execute unintended transactions.
Notably, no end users were directly affected, as the attack targeted a third-party market maker, TrustedVolumes. Upon discovering the breach, 1inch swiftly redeployed its resolver contracts as a precautionary security measure, preventing further exploits.
According to Decurity’s postmortem report, the hacker initiated an on-chain message following the attack. They requested a bug bounty in exchange for returning the stolen funds. TrustedVolumes, the affected market maker, entered negotiations with the attacker, leading to a successful resolution.
This resolution marks a rare instance in which a DeFi exploit resulted in the voluntary return of stolen assets. It reflects the growing trend of ethical hacking and white hat negotiations in the DeFi industry. This incident marks the second time in six months that 1inch has faced a security breach. In October 2024, the platform suffered a front-end compromise due to a supply chain attack.
Also, it highlights the persistent risks DeFi protocols encounter. The latest hack is another reminder of the necessity for continuous monitoring and rapid response mechanisms to safeguard users and assets. This incident highlights the importance of continuous smart contract audits and proactive vulnerability detection. It also indicates the need for stronger validation mechanisms to prevent similar incidents in the future.
Don't invest blindly in stocks or crypto when you do not have a proper guide. I lost 30k trying to trade on my own but ever since Mrs Elizabeth Towles stepped in, I have been making huge profits. I made over 450k since October. She is always available to tell you more about investing and give a guide on how to trade visit her on WhatsApp +1(563)279-8487
I notice a conference of people giving rewarding testimony about Mrs Elizabeth Towles helping them earn a huge amount of money from crypto. So I decide to give her a try out and to my surprise my first 5 days I made more than $8,000 from my little investment. Very reasonable amount that I can’t even get from my current job..
Her info: elizabethtowles481@gmail.com.
+1(563)279-8487