Trusted Volumes Hacker Returns 1,122 ETH, Keeps $2M Bounty

Summary

A wallet linked to the Trusted Volumes exploit returned 1,122 ETH, worth about $2 million, to the protocol after a May 7 attack that drained roughly $5.9 million. The attacker appears to have kept a large remaining amount, making the return look like a partial settlement rather than full restitution. The exploit stemmed from a vulnerability in the protocol’s RFQ swap proxy, where a signature-check bypass let funds be drained. The recovery reduces losses for users, but it does not erase the incident or mean the protocol has been made whole. The case highlights a common DeFi pattern: when stolen funds are visible on-chain but not easily recoverable, teams often rely on wallet tracking, public pressure, and negotiated bounties instead of traditional legal recovery. The main takeaway is that partial fund returns are helpful, but trust still depends on a clear post-mortem and proof that the underlying flaw has been fixed.