Verify a decision

{"actor":"system:backfill","investigation_id":"a4cc3a16-a934-40c9-8117-a05d45a1f6fd","kind":"publish","page_slug":"1inch","published_at":"2026-05-27T17:32:31.836Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"1inch","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.1inch.com/meet-1inch-team-sergej-kunz/","type":"other","url":""},{"credibility":3,"name":"https://blog.1inch.com/meet-1inch-team-anton-bukov-co-founder-and-cto/","type":"other","url":""},{"credibility":3,"name":"https://www.globenewswire.com/news-release/2024/09/18/2947963/0/en/1inch-Announces-Fusion-Upgrade-Enabling-Secure-Decentralized-Cross-Chain-Swaps-for-Web3-Users.html","type":"other","url":""},{"credibility":3,"name":"https://1inch.com/about","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://beincrypto.com/1inch-website-hacked-in-supply-chain-attack/","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/crypto-app-sites-malicious-popups-after-ace-drainer-hacks-animation-library","type":"other","url":""},{"credibility":3,"name":"https://decrypt.co/326012/1inch-foundation-proposes-user-compensation-plan","type":"other","url":""},{"credibility":3,"name":"https://crypto.news/1inch-web-app-compromised-losses-to-be-reimbursed/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.1inch.com/1inch-security-and-deterrent-measures/","type":"other","url":""},{"credibility":3,"name":"https://www.binance.com/en/square/post/12-12-2024-1inch-addresses-security-breach-and-enhances-safety-measures-17445097637841","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-1inch-hack-march-2025","type":"other","url":""},{"credibility":3,"name":"https://olympixai.medium.com/the-1inch-fusion-v1-exploit-how-a-calldata-corruption-vulnerability-drained-5-million-d5667c83fc2a","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/1inch-loses-5m-hack-fusion-v1-smart-contract","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/1inch-hacker-returns-stolen-funds-defi-security/","type":"other","url":""},{"credibility":3,"name":"https://coinchapter.com/1inch-hacker-returns-5m-after-negotiation-keeps-a-bug-bounty/","type":"other","url":""},{"credibility":3,"name":"https://www.bitdegree.org/crypto/news/1inch-loses-5-million-in-crypto-theftuser-funds-remain-safe","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.theblock.co/post/400332/1inch-trustedvolumes-exploit","type":"other","url":""},{"credibility":3,"name":"https://thedefiant.io/news/defi/1inch-resolver-trustedvolumes-drained-for-usd6-7m-on-ethereum","type":"other","url":""},{"credibility":3,"name":"https://coinpedia.org/news/1inch-liquidity-provider-trusted-volumes-exploited-for-5-87-million/","type":"other","url":""},{"credibility":3,"name":"https://crypto.news/trustedvolumes-loses-nearly-6m-in-fresh-1inch-linked-exploit/","type":"other","url":""},{"credibility":3,"name":"https://bitcoinfoundation.org/news/crimes-and-fraud-news/1inch-provider-hacked/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.molfar.institute/en/1inch-fss-crypto-en/","type":"other","url":""},{"credibility":3,"name":"https://molfar.com/en/blog/1inch-fss-crypto","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://bestdapps.com/blogs/news/a-deepdive-into-1inch-network","type":"other","url":""},{"credibility":3,"name":"https://tokeninsight.com/en/coins/1inch/tokenomics","type":"other","url":""},{"credibility":3,"name":"https://tokenomist.ai/1inch","type":"other","url":""},{"credibility":3,"name":"https://www.ainvest.com/news/1inch-team-buys-11-81-million-1inch-tokens-valued-3-3-million-2507/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.ccn.com/analysis/crypto/1inch-price-prediction/","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/343583/cow-swap-surges-to-26-market-share-challenging-1inch-for-dex-aggregator-dominance","type":"other","url":""},{"credibility":3,"name":"https://messari.io/report/state-of-1inch-q2-2025","type":"other","url":""},{"credibility":3,"name":"https://messari.io/report/state-of-1inch-q3-2025","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://cointelegraph.com/news/sec-is-killing-innovation-in-united-states-1inch-co-founder","type":"other","url":""},{"credibility":3,"name":"https://www.trmlabs.com/resources/case-studies/1inch-network-identifies-hundreds-of-high-risk-addresses","type":"other","url":""},{"credibility":3,"name":"https://1inch.com/about","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.pcrisk.com/removal-guides/33033-1inch-reward-scam","type":"other","url":""},{"credibility":3,"name":"https://www.pcrisk.com/removal-guides/32977-1inch-airdrop-scam","type":"other","url":""},{"credibility":3,"name":"https://www.enigmasoftware.com/1inchrewardscam-removal/","type":"other","url":""}]}],"sources_used":[],"summary":"1inch is a decentralized exchange (DEX) aggregator and liquidity protocol founded in 2019 by Sergej Kunz and Anton Bukov, operating across Ethereum and multiple EVM-compatible chains. The platform has experienced a series of security incidents between late 2024 and mid-2025, including a front-end supply chain attack, a private key compromise, a $5 million Fusion v1 resolver exploit, and a separate $5.87 million attack on a partner resolver — raising questions about operational security and smart contract lifecycle management. Additional concerns include alleged connections between co-founder Anton Bukov and the Russian FSS Academy, governance centralization risks, and sustained token value erosion since the 2021 peak.","timeline":[{"date":"2019-05-01","event":"Sergej Kunz and Anton Bukov prototype the 1inch DEX aggregator at the New York ETHGlobal hackathon.","source":""},{"date":"2020-08-01","event":"1inch protocol launches publicly as a DEX aggregator routing trades across multiple decentralized exchanges.","source":""},{"date":"2020-12-01","event":"1INCH governance token distributed via retroactive airdrop; one wallet allegedly received tokens then valued at ~$22.7 million according to Molfar Intelligence.","source":""},{"date":"2024-09-18","event":"1inch announces Fusion+, an intent-based cross-chain atomic swap system enabling trustless cross-chain swaps without bridges.","source":""},{"date":"2024-10-30","event":"1inch front-end compromised in Lottie Player supply chain attack; 'Ace Drainer' malicious popups served to users. 1inch Foundation later proposes $768,026 USDC reimbursement.","source":""},{"date":"2024-12-09","event":"Private key of the 1inch Labs Resolver smart contract owner compromised; attacker alters contract settings and transfers funds. 1inch revokes access and announces enhanced security measures.","source":""},{"date":"2025-03-05","event":"Attacker exploits buffer overflow in deprecated Fusion v1 Settlement contract, stealing approximately $5 million (2.4M USDC + 1,276 WETH) from resolvers still using legacy contracts.","source":""},{"date":"2025-03-06","event":"1inch and the affected resolver negotiate with the attacker on-chain; majority of stolen funds returned by ~4:12 AM, with attacker retaining ~$450,000 as a bug bounty (~10%).","source":""},{"date":"2025-05-07","event":"TrustedVolumes, a 1inch resolver and liquidity provider, exploited for approximately $5.87 million via a flaw in its custom RFQ proxy server; attributed to the same attacker as the March 2025 Fusion v1 hack.","source":""}]},"v":1}