1inch Recovers Millions in Stolen Assets After Hacker Negotiation
1inch experienced a significant security breach on March 5, resulting in the theft of millions in digital assets. Key points include:
- The breach stemmed from an exploit in the outdated Fusion v1 resolver smart contract.
- Attackers targeted third-party market maker TrustedVolumes, not directly affecting 1inch users.
- 1inch redeployed its resolver contracts to prevent further risks.
- Negotiations with the hacker resulted in a large portion of the stolen funds being returned as a bug bounty.
- This incident marks the second major security issue for 1inch in six months, following a front-end compromise in late 2024.
- 1inch has urged resolvers to transition to the updated Fusion v2 for enhanced security.
- The company is enhancing internal auditing procedures to bolster protection against future vulnerabilities.
The incident highlights ongoing risks in decentralized finance and the importance of rigorous security measures.