DeFi Platform Volo Hit by $3.5M Vault Attack, Launches Recovery Efforts
Decentralized financial (DeFi) protocol Volo has disclosed a security breach that led to the loss of nearly $3.5 million worth of digital assets, the latest in a series of exploits targeting DeFi platforms.
In a post on XWednesday, the group said the attack affected select cryptocurrencies and affected assets including Wrapped Bitcoin (WBTC), Matrixdock Gold XAUm, and USDC (USDC). “We discovered the attack, immediately notified Sui Foundation and ecosystem partners to contain the vulnerability, and froze the components to prevent further exposure,” the team wrote.
The protocol added that a total value of approximately $28 million was locked in other safes, that exploitation was limited to three independent safes and shared vulnerability was not disclosed. It has revealed plans to absorb the losses rather than pass them on to consumers, although the details of any restructuring plan have yet to be finalised.
Volo is a liquid DeFi platform on the Sui blockchain, which allows users to upload their Sui (SUI) tokens and receive voloSUI (VSUI) in return. DeFi is already on the edge, with the exploit coming as another liquid exchange protocol, Kelp, was hacked for around $293 million over the weekend, impacting the wider ecosystem.
Related: Kelp DAO Attacker Moves $175M in Ether After Exploit: Arkham
Volo freezes a portion of the lost funds
In two separate updates, Volo said it has so far frozen or frozen about $2 million of the stolen funds. In the first update, the protocol said it had already frozen approximately $500,000 related to the breach. In a later update, the team said it had successfully blocked the attacker's attempt to bridge 19.6 WBTC, removing the funds from the hacker's control.
“We are working with ecosystem partners to determine the best way to return these funds to Volo,” the protocol wrote.
Crypto hackers demand 17 billion dollars in 10 years
According to Cointelegraph, more than $17 billion has been stolen in crypto over the past decade, with private key agreements identified as one of the main contributing factors in the attacks, according to Defillama.
Related: ZachXBT Asks MemeCore to Clarify Evaluation and Token Offering
Approximately 22.3% of incidents are related to brute-force key compromise, 18.2% to unknown methods, and 10% to phishing attacks against multi-signature wallets. The findings show that many of the biggest losses stem from user-side weaknesses rather than wallet security and protocol errors.
Magazine: 53 DeFi Projects Hacked, 50M NEO Tokens May Be ‘Reclaimed': Asia Express
