Hackers have exploited a vulnerability in DeFi aggregator 1inch's resolver smart contract, leading to losses of over $5 million, according to blockchain security firm SlowMist.
The breach primarily affected outdated Fusion v1 resolver contracts, while regular users remained unaffected.
1inch confirmed the attack on March 6, explaining that the flaw had been identified a day earlier. Efforts are now underway to support affected resolvers and prevent similar incidents, with the platform urging resolvers to update their contracts.
Additionally, a bug bounty program has been introduced, offering rewards between $100 and $500,000 to enhance security.
Despite the setback, 1inch continues to lead in DeFi, routing 38.2% of all decentralized exchange (DEX) volume through aggregators in Q4 2024. However, its market share declined by 10% as competitors Odos and CoWSwap gained traction.
The platform’s total trading volume surged by 104% quarter-over-quarter, reaching $1.09 trillion. Ethereum remained the top blockchain for 1inch transactions, followed by Base and Arbitrum.
The U.S. Department of Justice has sentenced Dwayne Golden, 57, of Pennsylvania to 97 months in prison for orchestrating a fraudulent crypto investment scheme that stole over $40 million from investors.
The first half of 2025 has become the most damaging six-month period in crypto history, with over $2.1 billion stolen across 75+ separate incidents, according to new data.
A new breed of cyber-attack is sweeping through crypto media, exploiting site pop-ups and wallet-connect prompts instead of smart-contract bugs.
CoinMarketCap, one of the most widely used crypto data tracking platforms, is reportedly facing a front-end security breach, with multiple users encountering a suspicious prompt to verify their wallets.