In the dusty plains of the digital frontier, a lone cowboy-or rather, a hacker with a knack for the shadowy arts-has made off with a cool $6.7 million from the unsuspecting liquidity provider, TrustedVolumes. PeckShield, the sheriff of this wild west, reports that the thief ain’t just sittin’ on his haul; he’s already started movin’ hundreds of thousands in Ethereum, like a man with a train to catch and a posse on his tail.
According to PeckShield, this modern-day Jesse James has laundered $278,000 so far. He’s tossed 10.2 ETH ($23,600) into the TornadoCash whirlwind and swapped 110 ETH ($250,000) via THORChain for BTC. Heck, he even tried to slip 0.5 ETH into Railgun but thought better of it and sent it back. Maybe he figured the gun was too hot to handle.
“The TrustedVolumes exploiter has laundered $278,000 in stolen funds so far: they deposited 10.2 ETH ($23,600) to TornadoCash and laundered 110 ETH ($250,000) via THORChain to BTC; they also attempted to deposit 0.5 ETH to Railgun but changed their mind and sent it back. TrustedVolumes was exploited for ~$6.7 million on May 7th.”
TrustedVolumes, still reeling from the heist, is now waving a white flag and offering to parley. They’ve even listed three wallet addresses holding roughly $3.7 million of the stolen loot, like a wanted poster with a reward. “We’re open to talkin’,” they say, “maybe we can work out a bug bounty or somethin’ mutually agreeable.” Yeah, sure, like the cowboy’s gonna trade his six-shooter for a handshake.
“We were recently exploited… We are open to constructive communication regarding a bug bounty and a mutually acceptable resolution.”
QuillAudits, the town’s wise old blacksmith, explains the hacker’s trickery. Seems the cowboy exploited a design flaw in TrustedVolumes’ custom order-settlement system, drainin’ millions in one slick move. It’s like he found the secret latch to the bank vault and cleaned it out while the sheriff was takin’ a nap.
“TrustedVolumes operates as a 1inch market maker and resolver, providing on-chain liquidity through a custom Request-for-Quote (RFQ) proxy… In an RFQ model, a maker pre-signs orders, quoting a specific price for a specific token pair. A taker presents that signed quote to the settlement contract, which verifies the signature and executes the swap atomically. The system relies on three guarantees working in concert, the maker must have authorized who can sign orders on its behalf, each signed order must be filled only once (replay protection), and the token source for the fill must be the authenticated maker’s own inventory, not an arbitrary third-party address. In the TrustedVolumes implementation, all three guarantees failed simultaneously, and the attacker exploited them in a single composed transaction.”
So there you have it, folks. Another day in the crypto wild west, where the stakes are high, the players are shady, and the only thing certain is uncertainty. Will TrustedVolumes get their money back? Will the hacker ride off into the sunset with his ill-gotten gains? Only time-and maybe a few more exploits-will tell. Meanwhile, the rest of us are left wonderin’ if we’re the cowboys or the cattle.
Read More
- Gold Rate Forecast
- Silver Rate Forecast
- Brent Oil Forecast
- EUR AUD PREDICTION
- EUR CNY PREDICTION
- PEPE PREDICTION. PEPE cryptocurrency
- USD IDR PREDICTION
- IP/USD
- GBP CAD PREDICTION
- EUR KRW PREDICTION
2026-05-13 10:22