Decentralized finance (DeFi) asset management protocol, Velvet Capital, recently faced a significant phishing attempt, leading to the temporary deactivation of its website.
On April 23, members of the crypto community noticed unusual activity on Velvet Capital’s trading platform. Users trying to access the front-end were prompted to grant wallet access to the protocol. As a result, Velvet Capital conducted internal investigations and issued a cybersecurity alert, advising investors to reject all wallet connect requests from the application until further notice.
Investors who may have approved fraudulent requests were urged to revoke wallet access to the protocol to prevent any potential loss of funds. Additionally, Velvet Capital took the necessary steps to deactivate the application temporarily in order to minimize further losses for investors.
Velvet Capital founder, Vasily Nikonov, announced the closure of the website on Telegram. He stated that he was collaborating with the technical team and security researchers to regain control of the website from the hackers.
Prior to Velvet Capital’s official announcement about the breach, blockchain investigation firms Blockaid and Scam Sniffer had confirmed the website hack. Users who had made any transactions on Velvet Capital since April 23, 5:39 am UTC, may be victims of this cybercrime.
Nikonov advised affected users to open a ticket on Discord and provide the transaction details to the Velvet Capital team for remediation. He also reassured users that no losses had been reported as of 6:50 am UTC.
This incident is reminiscent of the front-end hacks experienced by DeFi protocols Aerodrome and Velodrome on November 28, 2023. Both platforms had issued announcements, urging users not to engage with the compromised front ends while investigations were underway.
According to blockchain investigator ZachXBT, the attackers managed to steal approximately $40,000 worth of cryptocurrency assets during the incident.
For more insights on crypto hacks, refer to the analysis of Lazarus Group’s preferred exploit in the magazine.