Close Menu
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
What's Hot

LDO Price Prediction: Stalling at the Gate — $0.37 Brick Wall Will Decide the Next 20% Move

July 19, 2026

LeafTide Announces Weight Loss Supplement Launch Focused on Quality, Transparency, and Leaf Tide Consumer Education

July 19, 2026

Judge Dismisses DOJ’s New Mexico Voter Data Request

July 19, 2026
Facebook X (Twitter) Instagram
Recession Profit AlertsRecession Profit Alerts
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
Recession Profit AlertsRecession Profit Alerts
Home»Security»TrustedVolumes attacker returns $2M, keeps another $2M as bounty
Security

TrustedVolumes attacker returns $2M, keeps another $2M as bounty

July 19, 2026No Comments3 Mins Read

A TrustedVolumes attacker has returned 1,122 $ETH worth about $2 million while keeping another $2 million as a self-declared bounty.

According to Com Feed monitoring, the Ethereum transfer represents a partial recovery from the May exploit, which initially drained about $5.87 million from a contract controlled by the liquidity provider. The attacker has retained roughly the same dollar amount as the returned funds, labeling it a bounty.

⚠️ JUST IN: The TrustedVolumes exploiter has returned 1,122 $ETH ($2M+

The original exploit resulted in more than $5.8M being stolen. The exploiter has now returned around $2M while retaining another $2M as a “bounty” pic.twitter.com/HJSdx4i4Or

— Com Feed (@thecomfeed) July 18, 2026

At the time of writing, TrustedVolumes had not formally confirmed that it had accepted the attacker’s bounty terms.

Partial repayment recovers only part of the stolen funds

TrustedVolumes disclosed in May that the total loss had reached roughly $6.7 million, exceeding the initial estimate reported by security researchers. The company said at that time the stolen assets were held across three addresses containing approximately $3 million, $3 million, and $700,000.

Seeking to recover the assets, TrustedVolumes offered to discuss a vulnerability bounty and what it called a mutually acceptable solution. The liquidity provider also invited the attacker to begin constructive communication, though its statement did not specify a proposed bounty rate.

Before the stolen tokens were consolidated, Blockaid identified 1,291.16 WETH, 206,282 $USDT, 16.939 WBTC, and 1.27 million $USDC among the drained assets. PeckShield later reported that the attacker exchanged the tokens and gathered the proceeds into about 2,513 $ETH.

See also  North Koreans hackers likely behind $286 million Drift Protocol exploit: Elliptic

The returned 1,122 $ETH was worth about $2 million at the time of writing, while Com Feed valued the attacker’s retained bounty at a similar amount. The combined dollar value is lower than the original loss because $ETH has fallen since the May exploit, when the stolen assets were converted into the cryptocurrency.

Custom TrustedVolumes proxy caused the security breach

As previously reported by crypto.news, Blockaid traced the May 7 attack to a custom request-for-quote swap proxy operated by TrustedVolumes. According to the security firm, the attacker targeted the company’s Ethereum resolver setup rather than a regular 1inch swap route.

TrustedVolumes used the RFQ system to quote token prices and complete signed trades from its inventory. Verichains found that a public function lacked access controls, allowing the attacker to register an address as an approved order signer and create transactions that appeared valid to the proxy.

During the same transaction, the attacker directed the proxy to pull WETH, WBTC, $USDT, and $USDC from the TrustedVolumes inventory vault. Verichains also identified a mismatch between the address checked for authorization and the address supplying the tokens, while faulty replay protection failed to record orders correctly.

Although the affected market maker supplied liquidity through 1inch, the attack did not compromise 1inch’s core aggregation contracts or standard user routes, according to 1inch’s account of the incident. Blockaid linked the wallet to the March 2025 Fusion V1 exploit but reported that the May attack used a different flaw tied to TrustedVolumes’ custom proxy.



Source link

attacker Bounty returns TrustedVolumes

Related Posts

Kenya President’s Website Breached as Hackers Demand 5 BTC Ransom

July 19, 2026

BONK DAO Attacker Moves Another $1.19M to Coinbase as Price Slides 7%

July 19, 2026

Kenya Investigates President William Ruto Website Breach as Hackers Demand 5 Bitcoin

July 19, 2026

El Paso City Council weighs new crypto kiosk warnings amid scam surge

July 19, 2026
Top Posts

Bitcoin snaps back near $69,000 but analysts warn the market may not be out of the woods yet

February 25, 2026

BlackRock’s bitcoin ETF just hit a massive milestone that proves crypto is now a mainstream bet

April 26, 2026

Bitcoin Grapples with $28K Resistance, but ‘Uncorrelated Asset’ Allure Could Mean Higher Prices, Says Analyst

October 7, 2023

Type above and press Enter to search. Press Esc to cancel.