DEX Aggregator 1inch Recovers Most of the $5M Stolen from Its Smart Contracts

Decentralized exchange (DEX) aggregator 1inch experienced a critical breach of its smart contracts last week. However, following negotiations with the hacker, the exchange successfully recovered most of the $5 million stolen.

Decentralized exchange (DEX) aggregator 1inch experienced a critical breach of its smart contracts last week. However, following negotiations with the hacker, the exchange successfully recovered most of the $5 million stolen.

This marks a rare instance in which an exploiter returned the stolen assets voluntarily.

According to WuBlockchain, citing Decurity’s postmortem report, the hacker returned most of the funds after discussions and a generous bug bounty.

This incident, which occurred on March 5, was attributed to a vulnerability in an outdated version of the platform’s smart contract.

According to 1inch’s blog post from March 7, the team detected the incident at approximately 6 PM UTC on March 5.

Attackers exploited Fusion v1, an obsolete platform component, and its outdated logic to execute unintended transactions.

Notably, no end users were directly affected, as the attack targeted a third-party market maker, TrustedVolumes.

Upon discovering the breach, 1inch swiftly redeployed its resolver contracts as a precautionary security measure, preventing further exploits.

According to Decurity’s report, the hacker posted an on-chain message following the attack. They requested a bug bounty in exchange for returning the stolen funds.

TrustedVolumes engaged in negotiations with the attacker, which ultimately led to a resolution.

This resolution marks a rare instance in which a DeFi exploit resulted in the exploiter returning the stolen assets voluntarily. It also highlights the growing trend of ethical hacking and bug bounty programs in the DeFi industry.

This incident marks the second time in six months that 1inch has faced a security breach. In October, the platform suffered a front-end compromise due to a supply chain attack.

Also, it highlights the persistent risks that DeFi protocols encounter. The latest hack is another reminder of the necessity for continuous monitoring and rapid response mechanisms to safeguard users and assets.

Despite the recovery, the 1INCH price has only gone up by a modest 1.12% since Sunday’s session opened and was trading for $0.23 as of this writing.

This incident highlights the importance of continuous smart contract audits and proactive vulnerability detection. It also indicates the need for stronger validation mechanisms to prevent similar incidents in the future.