.png){kind=logo}
A hacker has begun laundering stolen crypto tied to the $6.7 million TrustedVolumes exploit, according to PeckShield. The cybersecurity firm said the attacker had already moved hundreds of thousands of dollars in Ethereum and Bitcoin. TrustedVolumes now says it is open to talks, while investigators say a design flaw in its settlement system enabled the drain.
PeckShield said the attacker has laundered $278,000 in stolen funds so far. It reported that the hacker deposited 10.2 ETH worth about $23,600 into TornadoCash. The firm also said the hacker moved 110 ETH, worth about $250,000, through THORChain into Bitcoin. In addition, the hacker tried to send 0.5 ETH to Railgun before reversing the move and returning the funds.
TrustedVolumes was exploited for about $6.7 million on May 7. PeckShield has continued to track the wallet activity as the stolen assets move across blockchain networks.
TrustedVolumes said it is willing to negotiate a resolution with the hacker. The firm also listed three wallet addresses tied to the stolen crypto. Two of those wallets hold about $3 million in assets. The third wallet holds about $700,000 in stolen funds, according to the company’s disclosure.
The company also said, “We were recently exploited…” It added, “We are open to constructive communication regarding a bug bounty and a mutually acceptable resolution.”
Blockchain security firm QuillAudits said the hacker drained the funds through a design flaw in TrustedVolumes’ custom order-settlement system. It said the platform worked as a 1-inch market maker and resolver. QuillAudits explained the setup as a Request-for-Quote proxy. In its words, the system depends on three controls: authorized signing, replay protection, and verified token sourcing.
Read More: Cybersecurity Arms Race: Microsoft vs. Hackers in 2026
The firm said, “In the TrustedVolumes implementation, all three guarantees failed simultaneously, and the attacker exploited them in a single composed transaction.” The quote describes how the attacker drained millions in one move.
The incident adds to ongoing pressure on decentralized finance platforms. Security firms continue to watch suspicious wallet activity, while laundering tools like mixers and cross-chain swaps complicate tracing. At the same time, blockchain analytics teams still follow public ledger data. Their tracking remains possible since on-chain transactions stay visible, even when attackers try to hide them.
TrustedVolumes now joins a growing list of DeFi projects hit by major exploits. The case shows how fast a design flaw can turn into a multimillion-dollar loss.
TrustedVolumes lost nearly $6.7 million after hackers exploited flaws in its settlement system, according to QuillAudits and PeckShield. Investigators traced stolen Ethereum through TornadoCash and THORChain as laundering activity increased. The incident adds fresh pressure on DeFi platforms to strengthen smart contract security and transaction protections.
