1inch Network

In this post, 1inch and brand security firm Phishfort break down the most common attack vectors in DeFi - and share practical tips to help you stay safe.
Every day, millions of users trust DeFi to move value freely, access global markets and stay in control of their assets. That trust matters to us. Your security isn’t a feature. It’s the foundation of everything we build.
But where there is opportunity, there are bad actors. Scammers constantly look for ways to exploit both leading DeFi projects and individual users. The threats evolve, but one thing remains: staying safe requires vigilance and the right knowledge.
That’s why we at 1inch constantly work with major security teams, like PhishFort, to cover all angles: from phishing campaigns to malicious infrastructure. 
Phishfort takes down scammers to keep DeFi safe for all of us. So we’ve teamed up with them to create your go-to guide to security threats in DeFi. Check it out to learn how to protect yourself from them - or for an in-depth look at Phishfort’s expert safety tips, visit PhishFort’s Security Guide here.
1. Search engine phishing (Google, Bing, DuckDuckGo)
You’ve probably seen a sponsored link or article that looks totally legitimate in your search results. It might even be ranking at the top of your search results, and the domain looks familiar. Everything seems normal. So you click - and land on a site built to steal your sensitive data.
Some of these traps only trigger when you arrive through a specific ad, which makes them harder to spot. Others drop a tracking cookie, then switch back to normal-looking content to wipe the trail and avoid detection.
By the time you realize something is wrong, the damage may already be done..
Examples of fake domains:
1ihch[.]us
App[.]1lnch[.]su
You can trust 1inch with many things - including that we know how to spell our own name. So, always verify URLs. Bookmark platforms’ official sites, like 1inch.com. Never rely on search results alone!
2. Social media account takeovers (ATO)
Do you think official channels can’t be compromised? You’re wrong. It could be just an angry intern. But it could be much worse.
For instance, discord hacks posted fake domains like 1inchio.app
Twitter/X compromises shared links like dapp-1inch[.]com
If a post asks you to connect your wallet urgently, take a pause. Verify via multiple official channels.
3. Fake apps from official stores
You probably think that if an app is listed in the App Store or Google Play, it’s safe. But scammers have repeatedly slipped past review checks and uploaded malicious versions of apps to official stores.
Fake apps can drain your wallet! So, don’t search app stores directly.
Instead, get the official app link from platforms, like 1inch.com.
4. Token approvals
You wouldn't sign a blank bank cheque. Well, you wouldn't sign a cheque at all, because it's not 1996. But why would you approve a transaction with an unlimited amount?
Use tools like:
Etherscan Approval Checker
Revoke.cash
Be careful: scammers create fake revoke sites too.
Approval scams exploit the ERC-20 approve() function. Once you grant unlimited approval, a malicious contract can drain tokens later - even if you withdraw from the platform.
If you approved an unlimited amount of tokens, revoke the approval immediately.
5. IPFS scams
Some users use InterPlanetary File System, a peer-to-peer (P2P), decentralized network protocol, to have a backup access point or avoid possible censorship. 
1inch also uses IPFS - as a deployment mirror. And that’s legitimate.
But scammers also use IPFS - to host malicious mirrors. Don’t try to search for 1inch’s IPFS link online: you may end up clicking a malicious one. 
Always use the official IPFS link from 1inch.com:
bafybeiajfrgxbbeznejyj4arwjmor25ggejrjxe27do5lhnmkta6usji7a.ipfs.dweb.link
6. Fake YouTube videos
If a YouTube video promises magical MEV bots, guaranteed arbitrage, a “send 1, get 2 back” deal or claims that Elon Musk will double your crypto, it’s most likely a scam.
These scam videos often involve hacked YouTube accounts renamed to Tesla or SpaceX or famous personalities. Bots inflate views to trick algorithms.
MEV bot scams are especially dangerous. They instruct users to copy-paste Solidity code. Running it drains your wallet.
The code may assemble a suspicious address like this one used by scammers:
0xFC360216Db687A7669F6dDaF20c9e37322E4A12e
If it promises you free money, you’re likely to lose yours.
7. “Bitcoin Revolution” scams
You’ve probably seen fake news articles or videos where wealthy people like Richard Branson or Elon Musk promote some project, promising a Bitcoin revolution.
They promise easy profits - if you just deposit money on a certain platform. But there’s a catch: when you try to withdraw your funds, it doesn’t work.
So, stay away.
8. Fake exchanges and investment platforms (“pig butchering”)
These platforms have:
no liquidityfake registration detailsfake support staff.
Any “crypto investment” platform promoted via unsolicited WhatsApp, SMS, Viber, iMessage or phone calls should be treated as a scam.
9. Twitter/X verified scams (fake giveaways)
Hijacked or purchased verified accounts rename themselves to, for instance, Elon Musk (why is it always Elon?), and promise giveaways.
They reply under legitimate posts to appear authentic.
Common red flags.
10. Discord DM spam
Sorry, but the real Elon will never DM you about an airdrop.
And nor will 1inch, Coinbase, Binance or the “next hot token.”
If someone DMs first - it’s a scam.
Do not click links in Discord bios. Consider all unsolicited DMs malicious.
11. Fake ICOs, memecoins, low liquidity tokens
If you invest in a fake ICO or rug token, you likely won’t see your funds again.
Approval scams tie into this. If you approve a malicious contract, it can drain your tokens later.
The UniCats example shows how a user approved infinite USDC spending - and lost $140K.
Memecoins often leave buyers holding unsellable tokens.
Avoid hype-driven, high-APR schemes promising 4000% returns.
12. Approval scams
Many users think: “If I don’t share my seed phrase, I’m safe.”
Not always.
ERC-20’s approve (address spender, uint256 value) allows third parties to transfer tokens on your behalf.
Threat actors exploit this.
Never approve unlimited spending. Revoke unused approvals regularly.
13. Fake DEXes and CEXes impersonating legitimate platforms
It doesn’t matter who asks - never share your private key or seed phrase.
There is no such thing as:
wallet synchronizationrectificationremediationERCSYNCfee reduction portalversion upgrade requiring seed phrase
These are all invented buzzwords used to steal assets.
14. Compromised device
Security doesn’t stop at contracts. Attackers are always looking for ways to sneak malicious code onto your device.
Never clone untrusted GitHub repos. Never mine crypto and use a wallet on the same device. Use 2FA.Ideally use a dedicated device for signing transactions.Watch for clipboard malware replacing wallet addresses.Beware hidden background transactions.
Even hardware wallets can be compromised if the device is infected.
15. Fake phone support
Legitimate projects do not call you. You’ll never get a call from Trezor, 1inch or Ledger. 
Similarly, don’t try to Google “Trezor phone support” and call the first result. Those numbers are scams.
Never enter your seed phrase anywhere.
16. SIM swapping
Another common attack vector: malicious actors attempting to hijack your mobile device.  Some tips to stop this happening:
If your mobile phone service suddenly drops - assume a SIM hack.Use authenticator apps, not SMS.Enable single-device mode.Keep backup codes.Use a YubiKey.
17. Social engineering and physical attacks
Scams aren’t always digital. Attackers still use the playbook of the old-school confidence trickster - or plain physical theft - to figure out your assets and get hold of them.  So:
Never disclose holdings publicly.Separate your hardware wallet and seed phrase - don’t store them together.Scrub metadata from photos.Ignore sextortion emails demanding BTC.There has been a rise in physical “wrench attacks” targeting crypto holders.
Be discreet. Stay vigilant.
*
To protect yourself, always verify the domains you are interacting with. Here is a list of legitimate 1inch properties you should bookmark:
1inch.com - the official domain
1inch.network - community/DAO
business.1inch.com - 1inch Business

Useful security tools:
Revoke.cash - break old links to suspicious sites
Token Sniffer - instant "scam score" for new coins
Bubble Maps - see if "insiders" are hiding their tokens
Pocket Universe - a popup that explains what you're signing
Tenderly - detailed "dry-run" of any transaction
GeckoTerminal - track DEXs, discover trending pairings, and explore pool metrics such as transaction counts, TVL, and token activity
A few tips for better security:
Direct access: Always type the URL directly into your browser or use a trusted bookmark. Never click on search engine results or ads for DeFi platforms.Verify social links: If a deal on Discord or Twitter looks too good to be true (like a surprise airdrop), double-check with other official channels before clicking.Check the URL carefully: Scammers use "typosquatting" (e.g., 1lnch instead of 1inch). Look for subtle misspellings in the domain name.Revoke old approvals: Use revoke cash to remove unnecessary old token approvals. Always set a limited spend cap, not unlimited.Avoid unsolicited DMs on Discord/X/others: Chances are they may be dishonest, better not risk it.Use cold storage and multi sig: Never keep a large amount of assets on hot storage. For big contracts use multi signatures.Never jump on a hasty call via dodgy meeting software. Be cautious of fake SDK update prompts impersonating software like Zoom.Always patch everything - OS, wallet, browsers, EDR/AV, router firmware and so on
To learn more about security in DeFi, check these guidelines from Phishfort and subscribe to the 1inch newsletter!

1inch、Bitget Wallet、Ondo、BOB、DaGama、SafePalによって実施された8,000人以上の個人を対象とした調査の結果、2026年の暗号通貨に対する楽観的な見通しが明らかになりました。
DeFiユーザーは依然として楽観的です。
これは、1inchが主導し、DeFiセグメントの他の5つの主要プレーヤーと協力して実施された大規模調査の主要な結果の一つです。
調査によると、世界中の72%の回答者が暗号セクターの未来について楽観的であると表明し、米国ではさらに高いレベル（82%）が報告されました。

Aquaは1inchの新しい流動性レイヤーで、DeFiにおける資本と利回り戦略の働き方を変革するために構築されました。私たちは、Web3開発者に最初にリリースし、彼らがこの革新的な新しいアプローチの可能性を構築し、検証できるようにします。
Aquaは、1inchによって開発された新しいプロトコルで、分散型金融全体で流動性アクセスと資本効率を革命的に変えます。
簡単に言うと：Aquaを使えば、資産を複数の戦略にまたがって同時に共有できます - ロックすることなく、資金をウォレットに保持したままで。結果は？戦略はもはや流動性を競う必要がなくなり、すべてのネットワークで効率性と潜在的な取引量が向上します。

この投稿では、DeFi全体で流動性をどれだけ効率的かつ柔軟に使用できるかを制限する主要な要因を探ります。


流動性の提供は、DeFiにおいて最も一般的な活動の一つとなり、スワップからステーブルコイン市場まであらゆるものを支えています。しかし、今日の流動性の運用方法は、資産を効率的に供給したいユーザーにとっていくつかの課題を生み出しています。これらの課題の多くは、エコシステムが年々どのように発展してきたかに起因し、各プロトコルが独自の流動性モデルと要件を導入しています。その結果、機能するシステムができましたが、しばしば必要以上の労力、資本、注意を要求されます。

このコラボレーションは、AI駆動の脅威検出を用いてDeFiのセキュリティを向上させます。
DeFiが成長すればするほど、悪意のある行為者がその防御を試す機会が増えます。1inchは常に堅牢なセキュリティの周辺を維持するために努力しています。しかし、ハッカーが新しい攻撃ベクトルを見つけるためにより迅速に動くため、保護も同じように迅速に進化しなければなりません。
ある答えは、新しいアプローチをセキュリティにもたらすパートナーシップを構築することにあります。これらの最新のものは、Innerworksの予測AI、高度なデバイスインテリジェンス、RedTeamの倫理的ハッキングツールを1inchのプロアクティブな防御システムと統合し、DeFiにおけるセキュリティの新しいベンチマークを設定します。

この機能は主要なUXの改善として登場し、ユーザーがネットワークのネイティブ通貨をワンステップのフローで直接交換できるようにします - より速く、安全で、簡単に。
1inchでは、すべての新しい機能は摩擦を削減し、効率を向上させるために構築されています。ネットワークのネイティブ通貨の交換の展開は、暗号交換をできるだけスムーズで直感的にするためのもう一つの大きなステップを示しています。
これからは、ネットワークのネイティブトークン - EthereumのETHやPolygonのPOLのような - を1inchの意図ベースまたはクロスチェーン機能を使用して、他のコインに一度のステップで交換できます。手動でのラッピングは不要で、複数の承認を juggling する必要もありません。確認は1回だけで、交換は完了します。