Articles
DeFi

Another DeFi protocol hacked as Sui-based Volo hit by $3.5M exploit

User Image

Par Anonyme

Créé April 22, 2026|2 mins de lecture
Main Image

Volo Protocol has confirmed a $3.5 million exploit affecting select vaults, adding that it has frozen assets and started fund recovery efforts amid ongoing investigation.

Decentralized finance (DeFi) protocol Volo has disclosed a security breach that resulted in the loss of approximately $3.5 million in digital assets, marking the latest incident in a series of exploits targeting DeFi platforms.

In a Wednesday post on X, the team said the attack affected select vaults and involved assets including Wrapped Bitcoin (WBTC), Matrixdock Gold XAUm and USDC (USDC). “We detected the attack, immediately notified the Sui Foundation and ecosystem partners to contain the damage, and froze the vaults to prevent any further exposure,” the team wrote.

The protocol added that around $28 million in total value locked across other vaults is safe, with the exploit limited to three isolated vaults and no shared vulnerability identified. It also revealed plans to absorb the losses rather than pass them on to users, though details of any remediation plan have yet to be finalized.

Volo is a liquid staking DeFi platform on the Sui blockchain, allowing users to stake their Sui (SUI) tokens and receive voloSUI (VSUI) in return. DeFi is already on edge, as the exploit comes as another liquid restaking protocol, Kelp, was hacked for approximately $293 million over the weekend, which has had a ripple effect across the broader ecosystem.

Related: Kelp DAO attacker moves $175M in Ether after exploit: Arkham

In two separate updates, Volo said it has frozen or blocked roughly $2 million of the stolen funds so far. In the first update, the protocol said that roughly $500,000 linked to the breach has already been frozen. In a later update, the team claimed it had successfully blocked an attempt by the attacker to bridge 19.6 WBTC, effectively removing those funds from the hacker’s control.

“We are now working with ecosystem partners to determine the best path to return these funds to Volo,” the protocol wrote.

As Cointelegraph reported, more than $17 billion has been stolen in crypto over the past decade, with private key compromises identified as one of the major contributing attack vectors, according to DefiLlama.

Related: ZachXBT asks MemeCore to explain valuation and token supply

Roughly 22.3% of incidents are linked to brute-force key compromises, 18.2% to unknown methods and 10% to phishing attacks on multi-signature wallets. The findings show that many of the biggest losses stem from wallet security and user-side weaknesses rather than protocol bugs.

Magazine: 53 DeFi projects infiltrated, 50M NEO tokens could be ‘given back’: Asia Express

Source: CoinTelegraph


D'autres articles publiés récemment

Bitcoin’s BIP 110 fork deadline nears with miner support at zero
Bitcoin’s BIP 110 fork deadline nears with miner support at zero

Bitcoin

The BIP 110 proposal would cap arbitrary data on Bitcoin for a year, but Saylor, Adam Back and other...

Empery Digital shares rise after selling Bitcoin to fund AI data center project
Empery Digital shares rise after selling Bitcoin to fund AI data center project

Bitcoin

The sales come months after a major Empery shareholder demanded the firm ditch its Bitcoin treasury ...

Bitcoin bulls Michael Saylor, Adam Back slam BIP-110 Ordinals proposal
Bitcoin bulls Michael Saylor, Adam Back slam BIP-110 Ordinals proposal

Bitcoin

The ongoing debate comes despite a broad downturn in Ordinals transaction activity over the last two...

Lending protocol Bonzo loses 77% of value locked as $9 million oracle exploit rattles Hedera
Lending protocol Bonzo loses 77% of value locked as $9 million oracle exploit rattles Hedera

Crypto Market Analysis

Bonzo Lend lost approximately $9.05 million after an attacker exploited a verification flaw in a thi...

AI found an Ethereum bug that could take validators offline, but humans had to prove it
AI found an Ethereum bug that could take validators offline, but humans had to prove it

Ethereum

The Ethereum Foundation pointed coordinated AI agents at the software its validators run and got a r...

Bitcoin treasury company Empery Digital sold about half of its BTC stack
Bitcoin treasury company Empery Digital sold about half of its BTC stack

Bitcoin

It's a sign of the times as the troubled company swaps its bitcoin treasury ambitions for AI data ce...