Velvet Capital, supported by Binance Labs, has been forced offline to prevent a phishing attack

Decentralized finance (DeFi) asset management protocol Velvet Capital has been forced to temporarily disable its website to prevent a major phishing attempt.

Crypto community members on X reported unusual activity on the Velvet Capital trading platform on April 23rd. Users trying to connect to the front-end are asked to enter their wallet into the protocol.

Internal investigations led Velvet Capital to issue a cybersecurity alert, advising investors to decline all wallet linking requests from the app until further notice.

Investors who approve the fraud request must revoke access to the protocol wallet to avoid any financial loss. Velvet Capital also deactivated the app to minimize further losses for investors.

Velvet Capital founder Vasily Nikonov announced the closure of his website on Telegram:

“ATTN, do not interact with Velvet's website. We are shutting it down for maintenance and investigating. We will conduct an autopsy once the problem is resolved.”

Two hours after the website was shut down, Nikonov said it was working with its tech team and security researchers to regain control of the website from the hackers.

Blockchain investigative firms Blockaid and Scam Sniffer confirmed the hack of the website before Velvet Capital made a public statement about the breach. Users who have verified any transactions on Velvet Capital since April 23, 5:39 am UTC may be victims of cybercrime.

Nikonov advises such users to open a ticket on Discord and share the details of the transaction with the Velvet Capital team to fix it. He added:

“Rest assured that the smart contracts are not affected and funds on Velvet are not affected, we are investigating the front-end issue that some users experienced this morning and will share the results as soon as possible.”

Nikonov highlighted that there were no users as of 6:50 am UTC.

Related: How to revoke access to your crypto contract

DeFi protocols Aerodrome and Velodrome experienced similar front-end hacks on November 28, 2023. The two platforms posted notices on X saying their front-ends were experiencing issues and asked users not to connect to the platform while investigations were underway.

According to blockchain researcher ZachXBT, the attackers got away with around $40,000 worth of crypto assets at the time.

Magazine: Lazarus Group's Favorite Exploit Revealed – Crypto Hacks Analysis