1inch Network

In this post, 1inch and brand security firm Phishfort break down the most common attack vectors in DeFi - and share practical tips to help you stay safe.
Every day, millions of users trust DeFi to move value freely, access global markets and stay in control of their assets. That trust matters to us. Your security isn’t a feature. It’s the foundation of everything we build.
But where there is opportunity, there are bad actors. Scammers constantly look for ways to exploit both leading DeFi projects and individual users. The threats evolve, but one thing remains: staying safe requires vigilance and the right knowledge.
That’s why we at 1inch constantly work with major security teams, like PhishFort, to cover all angles: from phishing campaigns to malicious infrastructure. 
Phishfort takes down scammers to keep DeFi safe for all of us. So we’ve teamed up with them to create your go-to guide to security threats in DeFi. Check it out to learn how to protect yourself from them - or for an in-depth look at Phishfort’s expert safety tips, visit PhishFort’s Security Guide here.
1. Search engine phishing (Google, Bing, DuckDuckGo)
You’ve probably seen a sponsored link or article that looks totally legitimate in your search results. It might even be ranking at the top of your search results, and the domain looks familiar. Everything seems normal. So you click - and land on a site built to steal your sensitive data.
Some of these traps only trigger when you arrive through a specific ad, which makes them harder to spot. Others drop a tracking cookie, then switch back to normal-looking content to wipe the trail and avoid detection.
By the time you realize something is wrong, the damage may already be done..
Examples of fake domains:
1ihch[.]us
App[.]1lnch[.]su
You can trust 1inch with many things - including that we know how to spell our own name. So, always verify URLs. Bookmark platforms’ official sites, like 1inch.com. Never rely on search results alone!
2. Social media account takeovers (ATO)
Do you think official channels can’t be compromised? You’re wrong. It could be just an angry intern. But it could be much worse.
For instance, discord hacks posted fake domains like 1inchio.app
Twitter/X compromises shared links like dapp-1inch[.]com
If a post asks you to connect your wallet urgently, take a pause. Verify via multiple official channels.
3. Fake apps from official stores
You probably think that if an app is listed in the App Store or Google Play, it’s safe. But scammers have repeatedly slipped past review checks and uploaded malicious versions of apps to official stores.
Fake apps can drain your wallet! So, don’t search app stores directly.
Instead, get the official app link from platforms, like 1inch.com.
4. Token approvals
You wouldn't sign a blank bank cheque. Well, you wouldn't sign a cheque at all, because it's not 1996. But why would you approve a transaction with an unlimited amount?
Use tools like:
Etherscan Approval Checker
Revoke.cash
Be careful: scammers create fake revoke sites too.
Approval scams exploit the ERC-20 approve() function. Once you grant unlimited approval, a malicious contract can drain tokens later - even if you withdraw from the platform.
If you approved an unlimited amount of tokens, revoke the approval immediately.
5. IPFS scams
Some users use InterPlanetary File System, a peer-to-peer (P2P), decentralized network protocol, to have a backup access point or avoid possible censorship. 
1inch also uses IPFS - as a deployment mirror. And that’s legitimate.
But scammers also use IPFS - to host malicious mirrors. Don’t try to search for 1inch’s IPFS link online: you may end up clicking a malicious one. 
Always use the official IPFS link from 1inch.com:
bafybeiajfrgxbbeznejyj4arwjmor25ggejrjxe27do5lhnmkta6usji7a.ipfs.dweb.link
6. Fake YouTube videos
If a YouTube video promises magical MEV bots, guaranteed arbitrage, a “send 1, get 2 back” deal or claims that Elon Musk will double your crypto, it’s most likely a scam.
These scam videos often involve hacked YouTube accounts renamed to Tesla or SpaceX or famous personalities. Bots inflate views to trick algorithms.
MEV bot scams are especially dangerous. They instruct users to copy-paste Solidity code. Running it drains your wallet.
The code may assemble a suspicious address like this one used by scammers:
0xFC360216Db687A7669F6dDaF20c9e37322E4A12e
If it promises you free money, you’re likely to lose yours.
7. “Bitcoin Revolution” scams
You’ve probably seen fake news articles or videos where wealthy people like Richard Branson or Elon Musk promote some project, promising a Bitcoin revolution.
They promise easy profits - if you just deposit money on a certain platform. But there’s a catch: when you try to withdraw your funds, it doesn’t work.
So, stay away.
8. Fake exchanges and investment platforms (“pig butchering”)
These platforms have:
no liquidityfake registration detailsfake support staff.
Any “crypto investment” platform promoted via unsolicited WhatsApp, SMS, Viber, iMessage or phone calls should be treated as a scam.
9. Twitter/X verified scams (fake giveaways)
Hijacked or purchased verified accounts rename themselves to, for instance, Elon Musk (why is it always Elon?), and promise giveaways.
They reply under legitimate posts to appear authentic.
Common red flags.
10. Discord DM spam
Sorry, but the real Elon will never DM you about an airdrop.
And nor will 1inch, Coinbase, Binance or the “next hot token.”
If someone DMs first - it’s a scam.
Do not click links in Discord bios. Consider all unsolicited DMs malicious.
11. Fake ICOs, memecoins, low liquidity tokens
If you invest in a fake ICO or rug token, you likely won’t see your funds again.
Approval scams tie into this. If you approve a malicious contract, it can drain your tokens later.
The UniCats example shows how a user approved infinite USDC spending - and lost $140K.
Memecoins often leave buyers holding unsellable tokens.
Avoid hype-driven, high-APR schemes promising 4000% returns.
12. Approval scams
Many users think: “If I don’t share my seed phrase, I’m safe.”
Not always.
ERC-20’s approve (address spender, uint256 value) allows third parties to transfer tokens on your behalf.
Threat actors exploit this.
Never approve unlimited spending. Revoke unused approvals regularly.
13. Fake DEXes and CEXes impersonating legitimate platforms
It doesn’t matter who asks - never share your private key or seed phrase.
There is no such thing as:
wallet synchronizationrectificationremediationERCSYNCfee reduction portalversion upgrade requiring seed phrase
These are all invented buzzwords used to steal assets.
14. Compromised device
Security doesn’t stop at contracts. Attackers are always looking for ways to sneak malicious code onto your device.
Never clone untrusted GitHub repos. Never mine crypto and use a wallet on the same device. Use 2FA.Ideally use a dedicated device for signing transactions.Watch for clipboard malware replacing wallet addresses.Beware hidden background transactions.
Even hardware wallets can be compromised if the device is infected.
15. Fake phone support
Legitimate projects do not call you. You’ll never get a call from Trezor, 1inch or Ledger. 
Similarly, don’t try to Google “Trezor phone support” and call the first result. Those numbers are scams.
Never enter your seed phrase anywhere.
16. SIM swapping
Another common attack vector: malicious actors attempting to hijack your mobile device.  Some tips to stop this happening:
If your mobile phone service suddenly drops - assume a SIM hack.Use authenticator apps, not SMS.Enable single-device mode.Keep backup codes.Use a YubiKey.
17. Social engineering and physical attacks
Scams aren’t always digital. Attackers still use the playbook of the old-school confidence trickster - or plain physical theft - to figure out your assets and get hold of them.  So:
Never disclose holdings publicly.Separate your hardware wallet and seed phrase - don’t store them together.Scrub metadata from photos.Ignore sextortion emails demanding BTC.There has been a rise in physical “wrench attacks” targeting crypto holders.
Be discreet. Stay vigilant.
*
To protect yourself, always verify the domains you are interacting with. Here is a list of legitimate 1inch properties you should bookmark:
1inch.com - the official domain
1inch.network - community/DAO
business.1inch.com - 1inch Business

Useful security tools:
Revoke.cash - break old links to suspicious sites
Token Sniffer - instant "scam score" for new coins
Bubble Maps - see if "insiders" are hiding their tokens
Pocket Universe - a popup that explains what you're signing
Tenderly - detailed "dry-run" of any transaction
GeckoTerminal - track DEXs, discover trending pairings, and explore pool metrics such as transaction counts, TVL, and token activity
A few tips for better security:
Direct access: Always type the URL directly into your browser or use a trusted bookmark. Never click on search engine results or ads for DeFi platforms.Verify social links: If a deal on Discord or Twitter looks too good to be true (like a surprise airdrop), double-check with other official channels before clicking.Check the URL carefully: Scammers use "typosquatting" (e.g., 1lnch instead of 1inch). Look for subtle misspellings in the domain name.Revoke old approvals: Use revoke cash to remove unnecessary old token approvals. Always set a limited spend cap, not unlimited.Avoid unsolicited DMs on Discord/X/others: Chances are they may be dishonest, better not risk it.Use cold storage and multi sig: Never keep a large amount of assets on hot storage. For big contracts use multi signatures.Never jump on a hasty call via dodgy meeting software. Be cautious of fake SDK update prompts impersonating software like Zoom.Always patch everything - OS, wallet, browsers, EDR/AV, router firmware and so on
To learn more about security in DeFi, check these guidelines from Phishfort and subscribe to the 1inch newsletter!

Concluziile unui sondaj recent efectuat în rândul a peste 8.000 de persoane de către 1inch, Bitget Wallet, Ondo, BOB, DaGama și SafePal dezvăluie o perspectivă optimistă asupra criptomonedelor în 2026.
Utilizatorii DeFi sunt în continuare optimiști.
Aceasta este una dintre concluziile principale ale unui sondaj la scară largă condus de 1inch și realizat în colaborare cu alți cinci jucători mari din segmentul DeFi.
72% dintre respondenții la nivel global și-au exprimat optimismul cu privire la viitorul sectorului cripto, a relevat sondajul, cu SUA raportând chiar niveluri mai ridicate (82%).

Aqua este noua stratificare de lichiditate de la 1inch, construită pentru a transforma modul în care funcționează strategiile de capital și randament în DeFi. Lansăm mai întâi pentru dezvoltatorii Web3, astfel încât aceștia să poată începe să construiască și să verifice posibilitățile acestui nou abord radical.
Aqua, noul protocol dezvoltat de 1inch, revoluționează accesul la lichiditate și eficiența capitalului în cadrul finanțelor descentralizate.
Pe scurt: cu Aqua, poți împărtăși active între multiple strategii, simultan - fără a bloca și păstrând fondurile în portofelul tău. Rezultatul? Strategiile nu trebuie să concureze pentru lichiditate mai mult - așa că fiecare rețea vede o eficiență mai mare și un volum de tranzacții potențial mai mare.

În această postare, explorăm factorii cheie care limitează cât de eficient și flexibil poate fi utilizată lichiditatea în DeFi.


Furnizarea de lichiditate a devenit una dintre cele mai comune activități în DeFi, alimentând totul, de la schimburi la piețele de stablecoin. Totuși, modul în care funcționează lichiditatea astăzi creează încă mai multe provocări pentru utilizatorii care doresc să furnizeze active eficient. Multe dintre aceste provocări provin din modul în care ecosistemul s-a dezvoltat de-a lungul anilor, fiecare protocol introducând propriul model de lichiditate și cerințe. Rezultatul este un sistem care funcționează, dar care adesea necesită mai mult efort, mai mult capital și mai multă atenție decât ar trebui.

Această colaborare îmbunătățește securitatea DeFi cu detectarea amenințărilor alimentată de AI.
Cu cât DeFi crește mai mult, cu atât mai mulți actori răi își testează apărările. 1inch lucrează constant pentru a menține un perimetru de securitate robust. Dar, pe măsură ce hackeri se mișcă mai repede pentru a găsi noi vectori de atac, protecția trebuie să evolueze la fel de repede.
O soluție constă în construirea de parteneriate care aduc noi abordări pentru securitate. Cele mai recente dintre acestea integrează AI-ul predictiv al Innerworks, inteligența avansată a dispozitivelor și uneltele de hacking etic RedTeam cu sistemul de apărare proactiv al 1inch, stabilind un nou standard pentru securitate în DeFi.

Această caracteristică vine ca o îmbunătățire majoră a experienței utilizatorului (UX), permițând utilizatorilor să schimbe direct monedele native ale rețelelor într-un flux într-un singur pas - mai rapid, mai sigur și mai simplu.
La 1inch, fiecare nouă caracteristică este construită pentru a reduce fricțiunea și a spori eficiența. Lansarea schimburilor de monede native ale rețelelor marchează un alt pas mare către realizarea unui schimb de criptomonede cât mai lin și intuitiv posibil.
De acum înainte, poți schimba tokenurile native ale unei rețele - precum ETH pe Ethereum sau POL pe Polygon - în orice altă monedă într-un singur pas folosind funcționalitatea bazată pe intenții sau cross-chain a 1inch. Fără ambalare manuală, fără jonglare cu aprobările multiple. Doar o confirmare și schimbul tău este finalizat.