Trusted Volumes Hacker Returns 1,122 ETH, Keeps $2M Bounty

Source Newsbtc

A hacker tied to the Trusted Volumes exploit has returned 1,122 ETH to the protocol, closing part of a security incident that began with a multi-million-dollar exploit earlier this year.

The on-chain recovery is unusual because the attacker did not return everything. Instead, the wallet linked to the exploit sent back roughly $2 million worth of ETH while retaining another large amount as what now looks like a de facto bounty. That kind of outcome is familiar in DeFi, where projects sometimes negotiate with attackers after an exploit rather than risk losing the full amount forever.

The returned funds matter because they reduce the damage for the protocol and its users. But the structure of the settlement also shows how messy DeFi security remains. When smart contracts fail, the market often ends up relying on public pressure, wallet tracking, and informal negotiation rather than a clean legal process.

Reference: Etherscan

TL;DR

  • The Trusted Volumes attacker returned 1,122 ETH to the protocol inventory.
  • The exploit originally drained about $5.9 million through a smart contract vulnerability.
  • The attacker appears to have retained roughly $2 million as a bounty-style settlement.

What Happened With Trusted Volumes?

The exploit traces back to a vulnerability in Trusted Volumes’ RFQ swap proxy. According to the on-chain evidence, the May 7 attack drained approximately $5.9 million in assets through a signature-check bypass.

That is the kind of vulnerability that can be especially damaging in DeFi because it sits close to the execution layer of a protocol. If a swap proxy accepts an invalid or improperly checked instruction, an attacker may be able to move funds in a way the system was never meant to allow.

The important update now is the return of 1,122 ETH from the attacker wallet to protocol inventory. The primary source for the story is the wallet and transaction evidence on Etherscan, which shows the recovery leg of the movement.

This does not necessarily mean the protocol has been made whole. It means a meaningful part of the exploited funds has come back.

That distinction matters. A partial recovery can be better than nothing, but it still leaves users and the wider market asking why the vulnerability existed, how quickly it was detected, and whether the protocol has made changes to prevent a repeat.

Why DeFi Exploit Settlements Keep Happening

Crypto has developed a strange pattern around major exploits.

In traditional finance, a theft usually leads to police reports, frozen accounts, and court processes. In DeFi, the first response is often public wallet tracking. The attacker’s address gets labelled. On-chain analysts follow the movement of funds. Protocol teams may publish messages offering a bounty if the money is returned.

Sometimes attackers accept. Sometimes they disappear into mixers, bridges, or exchange routes. Sometimes they return a portion and keep the rest.

That appears to be the shape of this case.

The reason this happens is simple: blockchains make funds visible, but not always recoverable. If an attacker controls the private keys, the protocol cannot simply reverse the transaction. The best practical outcome may be to offer a settlement before the funds are moved further away.

That is uncomfortable, but it is also realistic.

For users, the lesson is that code risk is not abstract. Even protocols with real activity can suffer from a small implementation flaw that becomes a major loss. For developers, the lesson is even sharper: signature validation, access controls, proxy logic, and upgrade paths need aggressive review because attackers only need one weak point.

The Recovery Helps, But It Does Not Erase The Exploit

The return of 1,122 ETH is clearly positive for Trusted Volumes, but it should not be treated as a full reset.

An exploit still happened. Funds were still removed. The attacker still appears to have kept a significant sum. The protocol still needs to show that the underlying issue has been addressed and that users can trust the system going forward.

That matters because DeFi confidence is fragile after security incidents. Users may forgive a protocol that responds quickly, communicates clearly, and recovers funds. They are less forgiving when teams stay vague, downplay the incident, or fail to explain what changed.

The strongest next step for Trusted Volumes would be a clear post-mortem: what failed, how the attacker used it, how the contract logic has been fixed, and whether any user balances remain affected.

Until then, the market can recognise the recovery without pretending the episode is over.

This is also a useful reminder for the wider sector. DeFi security is not only about preventing hacks. It is about incident response, transparency, on-chain monitoring, and whether projects can recover enough trust after something goes wrong.

Trusted Volumes got some funds back. The harder job is proving the system is safer than it was before the exploit.

This article is based on Etherscan wallet and transaction data.

This article was written by the News Desk and edited by Samuel Rae.

This report is based on information released by Etherscan. at Etherscan

Disclaimer: For information purposes only. Past performance is not indicative of future results.
placeholder
Natural Gas sinks to pivotal level as China’s demand slumpsNatural Gas price (XNG/USD) edges lower and sinks to $2.56 on Monday, extending its losing streak for the fifth day in a row. The move comes on the back of China cutting its Liquified Natural Gas (LNG) imports after prices rose above $3.0 in June. It
Author  FXStreet
Jul 01, 2024
Natural Gas price (XNG/USD) edges lower and sinks to $2.56 on Monday, extending its losing streak for the fifth day in a row. The move comes on the back of China cutting its Liquified Natural Gas (LNG) imports after prices rose above $3.0 in June. It
placeholder
Markets in 2026: Will gold, Bitcoin, and the U.S. dollar make history again? — These are how leading institutions thinkAfter a turbulent 2025, what lies ahead for commodities, forex, and cryptocurrency markets in 2026?
Author  Insights
Dec 25, 2025
After a turbulent 2025, what lies ahead for commodities, forex, and cryptocurrency markets in 2026?
placeholder
ECB Policy Outlook for 2026: What It Could Mean for the Euro’s Next MoveWith the ECB likely holding rates steady at 2.15% and the Fed potentially extending cuts into 2026, EUR/USD may test 1.20 if Eurozone growth proves resilient, but weaker growth and an ECB pivot could pull the pair back toward 1.13 and potentially 1.10.
Author  Mitrade
Dec 26, 2025
With the ECB likely holding rates steady at 2.15% and the Fed potentially extending cuts into 2026, EUR/USD may test 1.20 if Eurozone growth proves resilient, but weaker growth and an ECB pivot could pull the pair back toward 1.13 and potentially 1.10.
placeholder
Gold slides back closer to $4,050 as Iran risks and Fed hike bets boost USDGold (XAU/USD) opens with a modest bearish gap at the start of a new week and slides back closer to the $4,050 level during the Asian session.
Author  FXStreet
Jul 13, Mon
Gold (XAU/USD) opens with a modest bearish gap at the start of a new week and slides back closer to the $4,050 level during the Asian session.
placeholder
Gold Price Forecast: Cooling Inflation Fails to Offset Fed Hawkish Pressure, Gold Price May Fall to $3,500As of the Asian session on July 17, gold prices ( XAUUSD ) fluctuated around $4,000. However, it is worth noting that gold closed at $3,969.41 yesterday, confirming a break below the $4,0
Author  TradingKey
Yesterday 10: 30
As of the Asian session on July 17, gold prices ( XAUUSD ) fluctuated around $4,000. However, it is worth noting that gold closed at $3,969.41 yesterday, confirming a break below the $4,0
goTop
quote