1inch Network

In this post, 1inch and brand security firm Phishfort break down the most common attack vectors in DeFi - and share practical tips to help you stay safe.
Every day, millions of users trust DeFi to move value freely, access global markets and stay in control of their assets. That trust matters to us. Your security isn’t a feature. It’s the foundation of everything we build.
But where there is opportunity, there are bad actors. Scammers constantly look for ways to exploit both leading DeFi projects and individual users. The threats evolve, but one thing remains: staying safe requires vigilance and the right knowledge.
That’s why we at 1inch constantly work with major security teams, like PhishFort, to cover all angles: from phishing campaigns to malicious infrastructure. 
Phishfort takes down scammers to keep DeFi safe for all of us. So we’ve teamed up with them to create your go-to guide to security threats in DeFi. Check it out to learn how to protect yourself from them - or for an in-depth look at Phishfort’s expert safety tips, visit PhishFort’s Security Guide here.
1. Search engine phishing (Google, Bing, DuckDuckGo)
You’ve probably seen a sponsored link or article that looks totally legitimate in your search results. It might even be ranking at the top of your search results, and the domain looks familiar. Everything seems normal. So you click - and land on a site built to steal your sensitive data.
Some of these traps only trigger when you arrive through a specific ad, which makes them harder to spot. Others drop a tracking cookie, then switch back to normal-looking content to wipe the trail and avoid detection.
By the time you realize something is wrong, the damage may already be done..
Examples of fake domains:
1ihch[.]us
App[.]1lnch[.]su
You can trust 1inch with many things - including that we know how to spell our own name. So, always verify URLs. Bookmark platforms’ official sites, like 1inch.com. Never rely on search results alone!
2. Social media account takeovers (ATO)
Do you think official channels can’t be compromised? You’re wrong. It could be just an angry intern. But it could be much worse.
For instance, discord hacks posted fake domains like 1inchio.app
Twitter/X compromises shared links like dapp-1inch[.]com
If a post asks you to connect your wallet urgently, take a pause. Verify via multiple official channels.
3. Fake apps from official stores
You probably think that if an app is listed in the App Store or Google Play, it’s safe. But scammers have repeatedly slipped past review checks and uploaded malicious versions of apps to official stores.
Fake apps can drain your wallet! So, don’t search app stores directly.
Instead, get the official app link from platforms, like 1inch.com.
4. Token approvals
You wouldn't sign a blank bank cheque. Well, you wouldn't sign a cheque at all, because it's not 1996. But why would you approve a transaction with an unlimited amount?
Use tools like:
Etherscan Approval Checker
Revoke.cash
Be careful: scammers create fake revoke sites too.
Approval scams exploit the ERC-20 approve() function. Once you grant unlimited approval, a malicious contract can drain tokens later - even if you withdraw from the platform.
If you approved an unlimited amount of tokens, revoke the approval immediately.
5. IPFS scams
Some users use InterPlanetary File System, a peer-to-peer (P2P), decentralized network protocol, to have a backup access point or avoid possible censorship. 
1inch also uses IPFS - as a deployment mirror. And that’s legitimate.
But scammers also use IPFS - to host malicious mirrors. Don’t try to search for 1inch’s IPFS link online: you may end up clicking a malicious one. 
Always use the official IPFS link from 1inch.com:
bafybeiajfrgxbbeznejyj4arwjmor25ggejrjxe27do5lhnmkta6usji7a.ipfs.dweb.link
6. Fake YouTube videos
If a YouTube video promises magical MEV bots, guaranteed arbitrage, a “send 1, get 2 back” deal or claims that Elon Musk will double your crypto, it’s most likely a scam.
These scam videos often involve hacked YouTube accounts renamed to Tesla or SpaceX or famous personalities. Bots inflate views to trick algorithms.
MEV bot scams are especially dangerous. They instruct users to copy-paste Solidity code. Running it drains your wallet.
The code may assemble a suspicious address like this one used by scammers:
0xFC360216Db687A7669F6dDaF20c9e37322E4A12e
If it promises you free money, you’re likely to lose yours.
7. “Bitcoin Revolution” scams
You’ve probably seen fake news articles or videos where wealthy people like Richard Branson or Elon Musk promote some project, promising a Bitcoin revolution.
They promise easy profits - if you just deposit money on a certain platform. But there’s a catch: when you try to withdraw your funds, it doesn’t work.
So, stay away.
8. Fake exchanges and investment platforms (“pig butchering”)
These platforms have:
no liquidityfake registration detailsfake support staff.
Any “crypto investment” platform promoted via unsolicited WhatsApp, SMS, Viber, iMessage or phone calls should be treated as a scam.
9. Twitter/X verified scams (fake giveaways)
Hijacked or purchased verified accounts rename themselves to, for instance, Elon Musk (why is it always Elon?), and promise giveaways.
They reply under legitimate posts to appear authentic.
Common red flags.
10. Discord DM spam
Sorry, but the real Elon will never DM you about an airdrop.
And nor will 1inch, Coinbase, Binance or the “next hot token.”
If someone DMs first - it’s a scam.
Do not click links in Discord bios. Consider all unsolicited DMs malicious.
11. Fake ICOs, memecoins, low liquidity tokens
If you invest in a fake ICO or rug token, you likely won’t see your funds again.
Approval scams tie into this. If you approve a malicious contract, it can drain your tokens later.
The UniCats example shows how a user approved infinite USDC spending - and lost $140K.
Memecoins often leave buyers holding unsellable tokens.
Avoid hype-driven, high-APR schemes promising 4000% returns.
12. Approval scams
Many users think: “If I don’t share my seed phrase, I’m safe.”
Not always.
ERC-20’s approve (address spender, uint256 value) allows third parties to transfer tokens on your behalf.
Threat actors exploit this.
Never approve unlimited spending. Revoke unused approvals regularly.
13. Fake DEXes and CEXes impersonating legitimate platforms
It doesn’t matter who asks - never share your private key or seed phrase.
There is no such thing as:
wallet synchronizationrectificationremediationERCSYNCfee reduction portalversion upgrade requiring seed phrase
These are all invented buzzwords used to steal assets.
14. Compromised device
Security doesn’t stop at contracts. Attackers are always looking for ways to sneak malicious code onto your device.
Never clone untrusted GitHub repos. Never mine crypto and use a wallet on the same device. Use 2FA.Ideally use a dedicated device for signing transactions.Watch for clipboard malware replacing wallet addresses.Beware hidden background transactions.
Even hardware wallets can be compromised if the device is infected.
15. Fake phone support
Legitimate projects do not call you. You’ll never get a call from Trezor, 1inch or Ledger. 
Similarly, don’t try to Google “Trezor phone support” and call the first result. Those numbers are scams.
Never enter your seed phrase anywhere.
16. SIM swapping
Another common attack vector: malicious actors attempting to hijack your mobile device.  Some tips to stop this happening:
If your mobile phone service suddenly drops - assume a SIM hack.Use authenticator apps, not SMS.Enable single-device mode.Keep backup codes.Use a YubiKey.
17. Social engineering and physical attacks
Scams aren’t always digital. Attackers still use the playbook of the old-school confidence trickster - or plain physical theft - to figure out your assets and get hold of them.  So:
Never disclose holdings publicly.Separate your hardware wallet and seed phrase - don’t store them together.Scrub metadata from photos.Ignore sextortion emails demanding BTC.There has been a rise in physical “wrench attacks” targeting crypto holders.
Be discreet. Stay vigilant.
*
To protect yourself, always verify the domains you are interacting with. Here is a list of legitimate 1inch properties you should bookmark:
1inch.com - the official domain
1inch.network - community/DAO
business.1inch.com - 1inch Business

Useful security tools:
Revoke.cash - break old links to suspicious sites
Token Sniffer - instant "scam score" for new coins
Bubble Maps - see if "insiders" are hiding their tokens
Pocket Universe - a popup that explains what you're signing
Tenderly - detailed "dry-run" of any transaction
GeckoTerminal - track DEXs, discover trending pairings, and explore pool metrics such as transaction counts, TVL, and token activity
A few tips for better security:
Direct access: Always type the URL directly into your browser or use a trusted bookmark. Never click on search engine results or ads for DeFi platforms.Verify social links: If a deal on Discord or Twitter looks too good to be true (like a surprise airdrop), double-check with other official channels before clicking.Check the URL carefully: Scammers use "typosquatting" (e.g., 1lnch instead of 1inch). Look for subtle misspellings in the domain name.Revoke old approvals: Use revoke cash to remove unnecessary old token approvals. Always set a limited spend cap, not unlimited.Avoid unsolicited DMs on Discord/X/others: Chances are they may be dishonest, better not risk it.Use cold storage and multi sig: Never keep a large amount of assets on hot storage. For big contracts use multi signatures.Never jump on a hasty call via dodgy meeting software. Be cautious of fake SDK update prompts impersonating software like Zoom.Always patch everything - OS, wallet, browsers, EDR/AV, router firmware and so on
To learn more about security in DeFi, check these guidelines from Phishfort and subscribe to the 1inch newsletter!

I risultati di un sondaggio recentemente condotto tra oltre 8.000 individui da 1inch, Bitget Wallet, Ondo, BOB, DaGama e SafePal rivelano una prospettiva ottimistica sulla crittovaluta nel 2026.
Gli utenti DeFi sono ancora ottimisti.
Questo è uno dei risultati principali di un sondaggio su larga scala condotto da 1inch e realizzato in collaborazione con altri cinque importanti attori nel segmento DeFi.
Il 72% dei rispondenti globali ha espresso ottimismo sul futuro del settore delle criptovalute, ha rivelato il sondaggio, con gli Stati Uniti che riportano livelli ancora più alti (82%).

Aqua è il nuovo livello di liquidità di 1inch, progettato per trasformare il modo in cui funzionano le strategie di capitale e rendimento nel DeFi. Lo stiamo rilasciando prima agli sviluppatori di Web3, così possono iniziare a costruire e verificare le possibilità di questo approccio radicale.
Aqua, il nuovo protocollo sviluppato da 1inch, rivoluziona l'accesso alla liquidità e l'efficienza del capitale nel finanziamento decentralizzato.
In poche parole: con Aqua, puoi condividere asset attraverso più strategie, simultaneamente - senza bloccare e mantenendo i tuoi fondi nel tuo portafoglio. Il risultato? Le strategie non devono più competere per la liquidità - quindi ogni rete vede una maggiore efficienza e un potenziale volume di transazioni.

In questo post, esploriamo i fattori chiave che limitano quanto efficientemente e flessibilmente la liquidità possa essere utilizzata nel DeFi.


La fornitura di liquidità è diventata una delle attività più comuni nel DeFi, alimentando tutto, dai swap ai mercati delle stablecoin. Eppure, il modo in cui la liquidità opera oggi crea ancora diverse sfide per gli utenti che vogliono fornire beni in modo efficiente. Molte di queste sfide derivano da come l'ecosistema si è sviluppato nel corso degli anni, con ogni protocollo che introduce il proprio modello di liquidità e requisiti. Il risultato è un sistema che funziona, ma spesso richiede più sforzo, più capitale e più attenzione di quanto dovrebbe.

Questa collaborazione migliora la sicurezza DeFi con la rilevazione delle minacce alimentata dall'IA.
Più cresce DeFi, più cattivi attori mettono alla prova le sue difese. 1inch lavora costantemente per mantenere un perimetro di sicurezza robusto. Ma poiché gli hacker si muovono più velocemente per trovare nuovi vettori di attacco, la protezione deve evolversi altrettanto rapidamente.
Una risposta risiede nella costruzione di partnership che portano nuovi approcci alla sicurezza. L'ultima di queste integra l'IA predittiva di Innerworks, l'intelligenza avanzata dei dispositivi e gli strumenti di hacking etico di RedTeam con il sistema di difesa proattivo di 1inch, stabilendo un nuovo standard per la sicurezza in DeFi.

Questa funzionalità arriva come un importante miglioramento dell'UX, consentendo agli utenti di scambiare direttamente le valute native delle reti in un flusso a un passaggio - più veloce, più sicuro e più semplice.
Su 1inch, ogni nuova funzionalità è progettata per ridurre l'attrito e aumentare l'efficienza. Il lancio degli scambi di valute native delle reti segna un altro grande passo verso la creazione di scambi di criptovalute il più fluido e intuitivo possibile.
D'ora in poi, puoi scambiare i token nativi di una rete - come ETH su Ethereum o POL su Polygon - in qualsiasi altra moneta in un singolo passaggio utilizzando la funzionalità basata su intenti o cross-chain di 1inch. Nessun imballaggio manuale, nessuna giocoleria con più approvazioni. Solo una conferma, e il tuo scambio è fatto.