A hacker has begun laundering digital assets that were part of a $6.7 million heist from liquidity provider TrustedVolumes, according to cybersecurity firm PeckShield.
Peak Shield He says New data suggests that the hacker has begun moving hundreds of thousands of dollars worth of Ethereum (Ethereum).
“The TrustedVolumes exploit has laundered $278,000 USD in stolen funds so far: they deposited 10.2 ETH ($23,600 USD) into TornadoCash and laundered 110 ETH ($250,000 USD) via THORChain into BTC; they also tried to deposit 0.5 ETH into Railgun but changed their mind and returned it. Exploit TrustedVolumes for ~$6.7 million on May 7.
Trusted folders He says They are willing to negotiate a solution with the hackers. The company also lists three wallet addresses, two of which hold approximately $3 million USD and one worth $700,000 worth of stolen cryptocurrency assets.
“We’ve been taken advantage of lately…
We are open to constructive communication regarding bug bounty and reaching a mutually acceptable solution.
Blockchain security company QuillAudits He says The hacker was able to drain millions in a single transaction by exploiting a design flaw in the platform’s custom order settlement system.
“TrustedVolumes acts as a one-inch market maker and analyst, providing cross-chain liquidity through a dedicated Request for Quote (RFQ) proxy…
In the RFQ form, a manufacturer pre-signs orders, quoting a specific price for a specific token pair. The recipient submits the signed quote to the settlement contract, which verifies the signature and automatically executes the swap. The system relies on three safeguards that work in concert: the maker must be authorized who can sign orders on his behalf, each signed order must be filled only once (replay protection), and the source of the fill token must be the authenticated maker’s own inventory, not an arbitrary third-party address.
In the TrustedVolumes implementation, all three guarantees failed simultaneously, and the attacker exploited them in a single composed transaction.
Follow us on X, Facebook and cable
Never miss a beat – Subscribe Get email alerts delivered directly to your inbox
browse Hodel’s daily mix
 
Disclaimer: The opinions expressed in The Daily Hodl are not investment advice. Investors should conduct due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please note that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the purchase or sale of any assets including cryptocurrencies, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated image: mid-flight
