YEREVAN (CoinChapter.com) — Decentralized alternate (DEX) aggregator 1inch suffered a safety breach on March 5, ensuing within the theft of $5 million. The exploit focused an outdated good contract linked to the Fusion v1 resolver. Following negotiations, the attacker returned a lot of the funds however retained a portion as a bug bounty.
The assault uncovered vulnerabilities in older contract variations, pushing 1inch to strengthen its safety measures. The corporate swiftly responded by updating its resolver contracts, stopping additional unauthorized transactions.
Hacker Exploits Outdated Fusion v1 Contract
The breach originated from a flaw in Fusion v1, an out of date contract inside the 1inch ecosystem. Attackers used outdated logic to bypass safety measures and execute unauthorized transactions. In line with Decurity’s postmortem report, the incident occurred at 6 PM UTC on March 5.
The hacker later communicated on-chain, demanding a bug bounty in alternate for returning the stolen property. The focused entity was TrustedVolumes, a third-party market maker, moderately than particular person customers.
Negotiation Results in Partial Fund Restoration
As soon as the assault was recognized, 1inch and TrustedVolumes engaged in negotiations with the hacker. The discussions led to an settlement the place the attacker returned a good portion of the stolen $5 million, conserving a fraction as a bounty.
“After negotiations with the hacker, most of the $5 million stolen from 1inch has been returned, with the hacker keeping a portion as a bug bounty,”
WuBlockchain reported, citing Decurity.
This occasion displays a rising development in DeFi safety incidents the place attackers go for negotiations over asset retention. 1inch responded by strengthening its safety protocols and urging resolvers to improve to Fusion v2.
1inch Strengthens Safety After Second Breach
This marks the second main safety breach for 1inch within the final six months. In October 2024, the platform skilled a front-end compromise as a consequence of a provide chain assault.
These repeated incidents emphasize the continued safety challenges DeFi protocols face. The newest breach highlights the necessity for steady monitoring, common contract audits, and quicker incident response.
1INCH Worth Sees Modest Positive factors After Incident
Regardless of recovering a lot of the stolen property, 1INCH recorded solely a 1.12% enhance in price since Sunday’s session. As of this writing, the token traded at $0.23.
Safety consultants stress the significance of proactive vulnerability detection to stop related breaches sooner or later. 1inch continues to strengthen safety measures, making certain its platform stays protected in opposition to evolving threats.