On March 5, 2025, cybersecurity firm SlowMist identified unusual transactions linked to 1inch, a leading decentralized exchange aggregator.
The firm discovered that attackers had exploited a vulnerability in the platform’s outdated Fusion v1 smart contract, resulting in the loss of approximately $5 million in digital assets.
Among the stolen funds were 2.4 million USDC and 1,276 WETH, sparking widespread concern within the crypto community.
The breach highlights the ongoing risks associated with legacy smart contracts and the need for enhanced security measures to protect decentralized platforms from malicious exploits.
1inch Responds, Assures Users of Fund Safety
Shortly after the breach was detected, 1inch acknowledged the security flaw and provided reassurances to its users.
The platform clarified that the exploit targeted only outdated resolver smart contracts associated with the Fusion v1 implementation, rather than user funds.
While no individual wallets were compromised, the incident underscores the dangers of relying on outdated code within the DeFi ecosystem.
The 1inch team emphasized the importance of regular audits and upgrades to smart contracts, urging other projects to adopt proactive security strategies to mitigate similar threats in the future.
Hackers Execute Coordinated Attack to Drain Funds
Security analysts determined that the attack was executed in a highly coordinated manner, beginning at approximately 23:00 CET on March 5.
The hackers leveraged known weaknesses in the outdated contract, swiftly siphoning funds before defensive measures could be enacted.
The stolen assets were then rapidly laundered through decentralized platforms, making recovery efforts significantly more challenging.
The precision of the operation suggests that the perpetrators possessed an advanced understanding of blockchain vulnerabilities, highlighting the growing sophistication of cybercriminals targeting the DeFi space.
Cybersecurity Experts Warn of Legacy Smart Contract Risks
Following the attack, security experts have reiterated the importance of continuous smart contract audits and proactive vulnerability management.
SlowMist, alongside other blockchain security firms, has advised DeFi platforms to implement automated threat detection systems and phase out unsupported contract versions.
The breach serves as a stark reminder that outdated code remains a lucrative target for attackers, necessitating a shift toward real-time monitoring and improved security protocols.
Industry leaders are urging developers to stay vigilant and adopt best practices to safeguard both platform assets and user funds.
Lessons Learned: Strengthening Security in the DeFi Space
The 1inch exploit is the latest in a series of high-profile attacks that emphasize the urgent need for reinforced security across the decentralized finance sector.
While 1inch successfully contained the breach to outdated resolver contracts, the incident raises broader questions about the long-term viability of legacy systems.
Moving forward, DeFi platforms are being encouraged to prioritize security through rigorous audits, real-time risk assessments, and enhanced developer education.
The lessons learned from this breach may prompt a new wave of security measures aimed at preventing future vulnerabilities and protecting the integrity of blockchain networks.
Other Recent Industry Hacks Raise Further Concerns
The 1inch exploit is just one of several major security breaches that have shaken the crypto industry in recent months.
Safe Wallet recently disclosed new details about the $1.5 billion Bybit hack, revealing that attackers managed to bypass multi-factor authentication.
Investigations conducted in collaboration with Google Cloud’s Mandiant team confirmed that a North Korean state-sponsored group was behind the attack.
Additionally, Infini’s founder has issued warnings to investors regarding scammers impersonating him following the platform’s $49 million exploit.
In response to the attack, Infini’s leadership has pledged $25 million to stabilize operations while seeking an additional $20 million through over-the-counter transactions.
In another alarming development, the hackers responsible for the Bybit breach have reportedly completed laundering $1.39 billion in stolen Ethereum using the decentralized liquidity protocol THORChain.
The platform, which facilitated $5.9 billion in transactions during the laundering process, has faced scrutiny over its role in enabling such large-scale money laundering activities.