A new cyberattack has struck the decentralized finance (DeFi) ecosystem, resulting in a major security breach at Trusted Volumes, a trading protocol. Approximately $5.9 million was reported stolen, including significant amounts of Ethereum (ETH), Wrapped Bitcoin (WBTC), and stablecoins.
Technical cause and details of the exploit
According to blockchain security companies SlowMist and PeckShield, the attack exploited a critical flaw in the protocol’s signature verification code. This allowed the attacker to bypass essential authorization checks and create fraudulent trading orders.
Trusted Volumes operates as a DeFi trading protocol using a Request for Quote (RFQ) architecture. Unlike conventional automated market maker (AMM) models, orders in this system are exchanged directly between parties and require digital signature approval from both sides. Flawless operation of the cryptographic signature verification mechanism is crucial for transactional security.
However, a logical vulnerability in the fillOrder function seriously compromised the platform’s safety, leaving it open to manipulation.
PeckShield reported that the total loss has reached $5.9 million. SlowMist’s analysis identified the stolen assets as 1,291 ETH (about $3.02 million), 16.94 WBTC ($1.37 million), 1.26 million USDC, and 206,000 USDT.
What is the Trusted Volumes protocol?
Trusted Volumes is a DeFi protocol designed for decentralized trading, offering a structure where users can exchange price quotations directly. By enabling such peer-to-peer price discovery, the platform decentralizes traditional over-the-counter (OTC) transactions. For secure operation, the platform requires robust signature verification before users authorize access to their assets.
Aftermath of the theft and security recommendations
Following the incident, the attacker quickly moved the stolen funds through decentralized exchanges in an attempt to evade detection. Blockchain transaction records linked the stolen stablecoins and WBTC balances to various exchange addresses.
The breach at Trusted Volumes highlights ongoing security risks for DeFi platforms. Experts emphasize the vital importance of subjecting protocol-level signature verification algorithms to regular and thorough security audits.
Users who still have crypto assets on the platform now face heightened risk. Security analysts advise users to thoroughly review technical details and security reports of DeFi protocols before granting any large approvals.
This latest attack has renewed calls across the DeFi sector for urgent improvements in security frameworks. The company is currently conducting further investigations to identify any additional vulnerabilities.
