If you’re a 1inch user affected by the October hack, don’t move one inch because it’s payback time! After its system was exploited in October 2024 and almost $800,000 was stolen in user funds, the 1inch group has now revealed that it will be reimbursing all affected users. But before you get too excited, this reimbursement comes with its terms and conditions.
The 1inch foundation, the parent organization of the 1inch exchange, has proposed a reimbursement plan for all of the exchange’s users affected by the October attack. The reimbursement proposal, named 1IP-80, is worth $768,000, which is the exact amount stolen in the attack.
While the proposal covers all affected users, only users who complete all four of the requirements will be able to access it. The first is to complete a KYC identity verification, the second is to provide evidence of losses, the third is to file a report with law enforcement, and the fourth is to sign a compensation agreement.
Some of these requirements might seem a bit overkill or even shocking to previous users of 1inch, especially the KYC requirement. The 1inch platform has never required users to complete a KYC process to trade. In fact, this exact feature has made 1inch among the most popular choices for users who do not want to use centralized exchanges that require KYC. As far as the reimbursement and KYC process goes, 1inch has revealed that the process would be overseen by the DeFi DEX aggregator. Although KYC seems like a sure thing, the platform has not specified what KYC information exactly would be required.
Still on the same issue, there is an ongoing investigation in the Canary Islands, which would require all victims to waive their right to any funds later recovered.
1inch’s Many Hack Attacks
The hack that spawned this event happened on the 30th of October 2024. In the attack, the hackers compromised 1inch’s decentralized application through a supply chain vulnerability in the Lottie Player Library. This plugin is used for animation on websites, but hackers would find another use for it. It was used to siphon $768,000 out of the platform.
This October hack is, however, not the only hack the platform has faced in recent times. In March of this year, there was a $5 million breach of 1inch. Although most of the funds lost were eventually recovered after negotiations were made with the hacker who carried out the attack. So far, there is no mention of any such negotiations in this case. But who knows? Maybe the hacker will have a change of heart and bring back the money.
Whatever happens, though, one thing is clear as day: 1inch needs to seriously upgrade its security and secure its platform. Even though it’s doing the right thing by paying compensation to the affected users, the platform suffering one attack after another is not a good look at all. If something is not done soon, security-wise, users may lose confidence in the platform, which is very bad business.
Gunel Ismayilova
Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL FM is not a financial reference resource, and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice. HODL FM strongly recommends contacting a qualified industry professional.
