Close Menu
Chain Tech Daily

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    eth2 quick update no. 3

    July 18, 2026

    Michael Saylor says corporations hold the key to Bitcoin’s global rise

    July 18, 2026

    BitcoinCore website hosts letter from one side of OP_RETURN debate

    July 18, 2026
    Facebook X (Twitter) Instagram
    Chain Tech Daily
    • Altcoins
      • Litecoin
      • Coinbase
      • Crypto
      • Blockchain
    • Bitcoin
    • Ethereum
    • Lithosphere News Releases
    Facebook X (Twitter) Instagram YouTube
    Chain Tech Daily
    Home » TrustedVolumes attacker returns $2M, keeps another $2M as bounty
    Crypto

    TrustedVolumes attacker returns $2M, keeps another $2M as bounty

    James WilsonBy James WilsonJuly 18, 20263 Mins Read
    Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email



    A TrustedVolumes attacker has returned 1,122 ETH worth about $2 million while keeping another $2 million as a self-declared bounty.

    Summary

    • The TrustedVolumes attacker returned 1,122 ETH worth about $2 million.
    • The exploiter retained another $2 million as a self-declared bounty.
    • Blockaid traced the May attack to TrustedVolumes’ custom RFQ swap proxy.

    According to Com Feed monitoring, the Ethereum transfer represents a partial recovery from the May exploit, which initially drained about $5.87 million from a contract controlled by the liquidity provider. The attacker has retained roughly the same dollar amount as the returned funds, labeling it a bounty.

    ⚠️ JUST IN: The TrustedVolumes exploiter has returned 1,122 ETH ($2M+

    The original exploit resulted in more than $5.8M being stolen. The exploiter has now returned around $2M while retaining another $2M as a “bounty” pic.twitter.com/HJSdx4i4Or

    — Com Feed (@thecomfeed) July 18, 2026

    At the time of writing, TrustedVolumes had not formally confirmed that it had accepted the attacker’s bounty terms.

    Partial repayment recovers only part of the stolen funds

    TrustedVolumes disclosed in May that the total loss had reached roughly $6.7 million, exceeding the initial estimate reported by security researchers. The company said at that time the stolen assets were held across three addresses containing approximately $3 million, $3 million, and $700,000.

    Seeking to recover the assets, TrustedVolumes offered to discuss a vulnerability bounty and what it called a mutually acceptable solution. The liquidity provider also invited the attacker to begin constructive communication, though its statement did not specify a proposed bounty rate.

    Before the stolen tokens were consolidated, Blockaid identified 1,291.16 WETH, 206,282 USDT, 16.939 WBTC, and 1.27 million USDC among the drained assets. PeckShield later reported that the attacker exchanged the tokens and gathered the proceeds into about 2,513 ETH.

    The returned 1,122 ETH was worth about $2 million at the time of writing, while Com Feed valued the attacker’s retained bounty at a similar amount. The combined dollar value is lower than the original loss because ETH has fallen since the May exploit, when the stolen assets were converted into the cryptocurrency.

    Custom TrustedVolumes proxy caused the security breach

    As previously reported by crypto.news, Blockaid traced the May 7 attack to a custom request-for-quote swap proxy operated by TrustedVolumes. According to the security firm, the attacker targeted the company’s Ethereum resolver setup rather than a regular 1inch swap route.

    TrustedVolumes used the RFQ system to quote token prices and complete signed trades from its inventory. Verichains found that a public function lacked access controls, allowing the attacker to register an address as an approved order signer and create transactions that appeared valid to the proxy.

    During the same transaction, the attacker directed the proxy to pull WETH, WBTC, USDT, and USDC from the TrustedVolumes inventory vault. Verichains also identified a mismatch between the address checked for authorization and the address supplying the tokens, while faulty replay protection failed to record orders correctly.

    Although the affected market maker supplied liquidity through 1inch, the attack did not compromise 1inch’s core aggregation contracts or standard user routes, according to 1inch’s account of the incident. Blockaid linked the wallet to the March 2025 Fusion V1 exploit but reported that the May attack used a different flaw tied to TrustedVolumes’ custom proxy.





    Source link

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Tumblr Email
    James Wilson

    Related Posts

    Crypto July 18, 2026

    Michael Saylor says corporations hold the key to Bitcoin’s global rise

    Crypto July 18, 2026

    OKX Europe opens USDT escape route as MiCA restrictions tighten

    Crypto July 18, 2026

    FTX pushes ahead with $900M payout as SBF pardon hopes fade

    Crypto July 18, 2026

    Anthropic turns to Meta for $10B in computing power before IPO

    Crypto July 18, 2026

    Piero Cipollone rattles Coinbase and Circle with stablecoin warning

    Crypto July 18, 2026

    Ripple wins EU-wide access as ESMA adds it to MiCA register

    Leave A Reply Cancel Reply

    Don't Miss
    Ethereum July 18, 2026

    eth2 quick update no. 3

    Welcome to the third installment of eth2 quick update. tldr; Harden fork choice defences in…

    Michael Saylor says corporations hold the key to Bitcoin’s global rise

    July 18, 2026

    BitcoinCore website hosts letter from one side of OP_RETURN debate

    July 18, 2026

    Development Update #1 – Ethereum.org

    July 18, 2026
    Stay In Touch
    • Facebook
    • Twitter
    • YouTube
    • LinkedIn
    Our Picks

    eth2 quick update no. 3

    July 18, 2026

    Michael Saylor says corporations hold the key to Bitcoin’s global rise

    July 18, 2026

    BitcoinCore website hosts letter from one side of OP_RETURN debate

    July 18, 2026

    Development Update #1 – Ethereum.org

    July 18, 2026

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    Don't Miss
    Ethereum July 18, 2026

    eth2 quick update no. 3

    Welcome to the third installment of eth2 quick update. tldr; Harden fork choice defences in…

    Michael Saylor says corporations hold the key to Bitcoin’s global rise

    July 18, 2026

    BitcoinCore website hosts letter from one side of OP_RETURN debate

    July 18, 2026

    Development Update #1 – Ethereum.org

    July 18, 2026

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    Stay In Touch
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    About Us
    About Us

    ChainTechDaily.xyz delivers the latest updates and trends in the world of cryptocurrency. Stay informed with daily news, insights, and analysis tailored for crypto enthusiasts.

    Our Picks
    Lithosphere News Releases
    X (Twitter) Instagram YouTube LinkedIn
    © 2026 Copyright

    Type above and press Enter to search. Press Esc to cancel.