Volo Protocol, a decentralized finance protocol built on the Sui blockchain, has suffered a security breach that led to the loss of approximately $3.5 million in digital assets.

 

In an effort to maintain transparency, the team in an X post on Wednesday publicly announced the security breach. According to the team, the attack only affected assets in selected vaults, including Wrapped Bitcoin (WBTC), Matrixdock Gold XAUm, and USDC (USDC).

 

 

On detecting the breach, the team said it acted quickly to contain it and minimize further damage. It stated, “We detected the attack, immediately notified the Sui Foundation and ecosystem partners to contain the damage, and froze the vaults to prevent any further exposure.”

 

As of the time of its first reporting on the incident, the Volo team said that the $28 million in total value locked across other vaults was safe, adding that all vaults on the protocol were temporarily frozen pending a full postmortem and remediation. The team also said it was in damage control mode and was actively working with on chain investigators and ecosystem partners to recover the stolen funds.

 

The team released updates on the hack

Since the hack happened, the Volo team has, in three separate updates, transparently informed the community about the efforts being made to recover the stolen funds.

 

In the first two updates, the team said it was already working with ecosystem partners and had successfully frozen approximately $500 million of the stolen funds, while also intercepting and blocking the hacker’s attempt to bridge 19.6 WBTC. According to the Volo team, these funds were no longer under the hacker’s control.

 

In a third update, the team said it had already frozen $2 million of the stolen funds, and that together with ecosystem partners and security teams, it had flagged the hacker’s EVM addresses across the majority of centralized exchanges, swappers, and KYC tools.

 

The Volo protocol hack came shortly after the KelpDAO exploit and the Drift Protocol exploit, which led to a combined loss of over $570 million, and are currently the largest DeFi hacks that have occurred this year. So far, over $770 million has been lost to DeFi hacks this year.