Odaily News According to Decurity's subsequent report, 1inch has returned most of the $5 million stolen in the attack after negotiations with the hacker, and the hacker retained a portion as a bug bounty. The attack originated from a vulnerability in the Fusion v1 smart contract, and the main users affected were those using an outdated version of the parser, while ordinary user funds were not affected.
According to Odaily’s previous report, 1inch discovered a vulnerability in the Fusion v1 smart contract on March 5, which hackers exploited to steal funds. 1inch has called on relevant parsers to immediately audit and update the contract to prevent similar incidents from happening again.