1inch Hacker Returns $5M After Negotiation, Keeps a Bug Bounty

YEREVAN (CoinChapter.com) — Decentralized exchange (DEX) aggregator 1inch suffered a security breach on March 5, resulting in the theft of $5 million. The exploit targeted an outdated smart contract linked to the Fusion v1 resolver. Following negotiations, the attacker returned most of the funds but retained a portion as a bug bounty.

The attack exposed vulnerabilities in older contract versions, pushing 1inch to reinforce its security measures. The company swiftly responded by updating its resolver contracts, preventing further unauthorized transactions.

Hacker Exploits Outdated Fusion v1 Contract

The breach originated from a flaw in Fusion v1, an obsolete contract within the 1inch ecosystem. Attackers used outdated logic to bypass security measures and execute unauthorized transactions. According to Decurity’s postmortem report, the incident occurred at 6 PM UTC on March 5.

The hacker later communicated on-chain, demanding a bug bounty in exchange for returning the stolen assets. The targeted entity was TrustedVolumes, a third-party market maker, rather than individual users.

Negotiation Leads to Partial Fund Recovery

Once the attack was identified, 1inch and TrustedVolumes engaged in negotiations with the hacker. The discussions led to an agreement where the attacker returned a significant portion of the stolen $5 million, keeping a fraction as a bounty.

“After negotiations with the hacker, most of the $5 million stolen from 1inch has been returned, with the hacker keeping a portion as a bug bounty,”

WuBlockchain reported, citing Decurity.

This event reflects a growing trend in DeFi security incidents where attackers opt for negotiations over asset retention. 1inch responded by strengthening its security protocols and urging resolvers to upgrade to Fusion v2.

1inch Strengthens Security After Second Breach

This marks the second major security breach for 1inch in the last six months. In October 2024, the platform experienced a front-end compromise due to a supply chain attack.

These repeated incidents emphasize the ongoing security challenges DeFi protocols face. The latest breach highlights the need for continuous monitoring, regular contract audits, and faster incident response.

1INCH Price Sees Modest Gains After Incident

Despite recovering most of the stolen assets, 1INCH recorded only a 1.12% increase in price since Sunday’s session. As of this writing, the token traded at $0.23.

Security experts stress the importance of proactive vulnerability detection to prevent similar breaches in the future. 1inch continues to reinforce security measures, ensuring its platform remains protected against evolving threats.