Overview
- TrustedVolumes, which disclosed the breach Thursday, put losses at about $6.7 million and named three wallets now holding the funds.
- Blockaid said the attack hit the firm's Ethereum resolver and a custom request-for-quote swap proxy, not 1inch's core routes.
- An RFQ proxy is a contract that lets a market maker quote prices and move pre-approved tokens fast, which makes signer permissions a prime risk.
- Cyvers reported the hacker used a public signer registration, broken replay protection, and an unchecked transfer source to act as a trusted signer.
- 1inch said its systems and users were unaffected, while analysts tied the wallet to the March 2025 Fusion V1 operator and urged users to revoke approvals.