Velvet Capital DeFi Protocol Forced to Temporarily Shut Down Website Due to Phishing Attempt

Decentralized finance (DeFi) asset management protocol Velvet Capital recently faced a major phishing attempt, leading to the temporary deactivation of its website. The incident was brought to light when members of the crypto community reported unusual activity on Velvet Capital’s trading platform on April 23. Users attempting to access the front-end of the website were prompted to approve wallet access to the protocol.

Following internal investigations, Velvet Capital issued a cybersecurity alert, warning investors to deny all wallet connect requests from the application until further notice. The protocol also advised users who may have approved fraudulent requests to revoke wallet access to prevent any potential loss of funds. Additionally, Velvet Capital took the precautionary measure of deactivating the application to minimize further risks for investors.

Founder Vasily Nikonov announced the website closure on Telegram, stating, “ATTN, don’t interact with the Velvet website, we’re closing it for maintenance and investigating the issue, we will issue a post-mortem once the issue is solved.” Nikonov reassured users that smart contracts were not impacted, and funds on Velvet were secure. He also mentioned that no users had reported any losses as of the time of the announcement.

Blockchain investigation firms Blockaid and Scam Sniffer confirmed the website hack before Velvet Capital’s official announcement. Users who had conducted transactions on Velvet Capital since April 23 were advised to reach out to the protocol’s team for remediation if they suspected any unauthorized activity.

This incident is not the first of its kind in the DeFi space, as similar front-end hacks have affected protocols like Aerodrome and Velodrome in the past. These platforms also issued warnings to users and initiated investigations to address the security breach.

According to blockchain investigator ZachXBT, the attackers behind the Velvet Capital hack managed to steal approximately $40,000 worth of crypto assets. This highlights the ongoing threat posed by phishing attacks and the importance of maintaining vigilance when interacting with DeFi platforms.

As the investigation into the Velvet Capital incident continues, the protocol’s team is working diligently to regain control of the website and ensure the security of user funds. Investors are reminded to exercise caution and follow the protocol’s guidance to protect their assets in the evolving landscape of decentralized finance.