$5 Million Stolen from 1inch Due to Smart Contract Flaw

On March 5, 2025, 1inch confirmed a $5 million theft due to a smart contract flaw, affecting only resolver funds, not end-user assets.

    On March 5, 2025, 1inch, a decentralized exchange aggregator, confirmed a significant hack that resulted in the theft of approximately $5 million in cryptocurrencies. This breach exploited a vulnerability in the platform’s smart contract, specifically affecting certain resolver contracts.

    Discovery of the Vulnerability

    At 23:00 CET on March 5, the 1inch team detected a vulnerability in resolver smart contracts that used the outdated Fusion v1 implementation. The team emphasized that no end-user funds were at risk; only funds held by resolvers using the obsolete implementation were affected. The team communicated this via their official Twitter account:

    “No end-user funds were at risk—only resolvers using Fusion v1 in their own contracts.” — 1inch (@1inch), March 6, 2025.

    Details of the 1inch Hack

    Following an investigation by blockchain security firm SlowMist, it was revealed that the hacker successfully stole 2.4 million USDC (USD Coin) and 1,276 Wrapped Ether (WETH). The breach was attributed solely to the vulnerability within the 1inch smart contracts tied to the Fusion v1 implementation.

    1inch reassured its users that their funds remained secure. The platform is actively collaborating with the affected resolvers to enhance their security measures. They have urged these entities to update their contracts and conduct immediate audits. Furthermore, 1inch announced a bug bounty program to identify and rectify any potential vulnerabilities in their system.

    Recovery Prospects

    The likelihood of recovering the stolen funds appears slim unless the hacker opts to return them. Notably, some protocols have managed to recover funds after hackers agreed to return them while keeping a portion as a white hat reward, similar to incidents involving the crypto lending platform Shezmu.

    Parallels with the Bybit Hack

    This incident is reminiscent of the Bybit hack, which remains one of the largest in cryptocurrency history, with $1.5 billion stolen. The culprits, allegedly linked to North Korea, carried out the theft without being intercepted by authorities.

    After the breach, Bybit secured loans from other crypto companies to ensure users could withdraw their funds. Although efforts to launder the stolen assets involved cross-chain mixers and swaps, experts believe that on-chain intelligence and collaboration with exchanges may still provide avenues for tracking and freezing the stolen assets.

    The THORChain protocol, used for swapping funds between blockchains, saw increased activity after the Bybit theft, indicating that the thieves likely used it to move the stolen funds.

    The recent hack on 1inch underscores the persistent vulnerabilities in decentralized finance platforms. As the cryptocurrency landscape continues to evolve, vigilance and proactive security measures remain paramount for protecting user assets.

