$6.7M stolen in TrustedVolumes exploit via approved order signer vulnerability

TrustedVolumes, a market maker used by 1inch Fusion, suffered a $6.7 million crypto theft after an attacker exploited a public function to register as an approved order signer and drain funds through malicious transactions. Stolen assets included Wrapped Ether, USDT, Wrapped Bitcoin, and USDC, spread across three Ethereum wallets. Despite the breach, 1inch confirmed its own systems and user funds were unaffected, as TrustedVolumes operates independently. The incident highlights risks in DeFi infrastructure and the need for better safeguards like monitoring and emergency shutdowns. TrustedVolumes is open to negotiating with the attacker for a resolution.