The famous DEX aggregator 1inch was hacked on March 5th due to a contract vulnerability, resulting in losses of over $5 million.

The hacker exploited a vulnerability in the old version of the Fusion v1 smart contract to steal funds and left a message inquiring about the bounty for returning the stolen funds.

After negotiating with the hacker, most of the stolen funds have been returned, and the hacker kept a portion as a vulnerability bounty, the amount of which has not been disclosed, typically around 10%-15%.