ScoutGet the App

Volo Sui exploit

- Volo Protocol on Sui confirmed a $3.5 million vault exploit that halted 16 vaults and blocked the WBTC bridge. - About $500,000 was frozen immediately while the protocol said roughly $28 million remaining was safe and pledged to cover losses. - The incident underscores how vault-bridge integrations can cascade into rapid halts and user freezes during attacks. (banklesstimes.com)

Volo Protocol said an attacker stole about $3.5 million from three vaults on Sui and forced the platform to freeze all vaults. (financefeeds.com) The protocol said the breach hit vaults holding Wrapped Bitcoin, XAUm and USDC, and that 16 vaults were halted while the team investigated. Volo disclosed the incident on April 21 and said the rest of its funds were not touched. (bitcoin.com) Volo said it froze about $500,000 soon after the attack and blocked an attempt to bridge out 19.6 Wrapped Bitcoin, a tokenized version of bitcoin used on other chains. The team also said roughly $28 million in total value locked in other vaults remained safe and that users would be made whole. (blockport.io) A vault is a pooled smart-contract product that takes deposits and moves them according to preset rules, often to earn yield. A bridge is the rail that moves tokens from one blockchain to another, which can let stolen assets leave a network quickly if it is not stopped in time. (docs.sui.io) Volo describes itself as a liquid staking and BTCFi platform on Sui, the blockchain developed by Mysten Labs for high-throughput decentralized applications. On Sui, assets are handled as onchain objects, a design the network says is built for speed and composability across apps. (sui.io) Several reports citing Volo’s statement said the breach was tied to a compromised admin private key rather than a flaw in Sui itself. Sui’s own security materials say smart-contract risk in the ecosystem can also come from operational failures such as key management, not only from code bugs. (bitcoin.com) (blog.sui.io) The freeze contained the losses, but it also locked ordinary users out of vault withdrawals while the response unfolded. That trade-off is common in decentralized finance: protocols use emergency controls to stop an attack, and those same controls can interrupt access for everyone else. (beincrypto.com) Volo said it was working with the Sui Foundation and other ecosystem partners on recovery and forensic steps after the attack. For users, the immediate question is no longer whether the vaults were hit, but how quickly frozen funds can be recovered and normal vault access can resume. (cryptotimes.io)

Get your own daily briefing

Scout delivers personalized news, insights, and conversations tailored to your role and industry.

Download on the App Store

Shared from Scout - Be the smartest in the room.