TrustedVolumes exploited for $5.87M via contract vulnerability

Liquidity provider TrustedVolumes has been exploited for approximately $5.87 million through a vulnerable smart contract, Web3 security firm CertiK reported. The attacker is understood to have gained authorization by using a publicly callable function to transfer funds from the victim's wallet. In a related analysis, Blockaid suggested that the attack was likely carried out by the same hacker who exploited a 1inch vulnerability in March of last year, resulting in $5 million in losses. "However, this attack exploited a different vulnerability related to a custom RFQ swap proxy managed by TrustedVolumes," Blockaid explained. TrustedVolumes serves as a liquidity provider for 1inch.