The DeFi protocol, which is supported by leading exchange Binance, had to temporarily shut down its website as a result of the incident. This occurred during a period when the protocol was implementing enhanced security measures to safeguard users against hacking attempts. Just a day after the release of the RPC bloXroute Protect tool, designed to protect against sandwich bot attacks and MEV Frontrunning attacks, the platform’s website fell victim to the attack.
Users reported encountering unusual activity on the website, with prompts to confirm wallet access appearing unexpectedly on the external interface. To ensure user safety, the Velvet Capital team has explicitly advised against connecting wallets or conducting any transactions with the protocol until further notice. Security experts are currently investigating the incident.
Vasily Nikonov, the founder of Velvet Capital, reassured users that smart contracts and client funds remain secure. However, he did caution that those who approved transactions on the platform since April 23 at 5:39 UTC (8:30 Moscow time) may potentially have been targeted in the cyber attack. Individuals affected by this should promptly contact the Velvet Capital team to seek resolution.
In a separate incident, hackers recently exploited a vulnerability in the decentralized finance protocol Hedgey Finance, resulting in the unauthorized withdrawal of at least $1.9 million.