Binance Labs-backed Velvet Capital forced offline to prevent phishing attack

cyptouser7 months agoCryptocurrencies News105
1205f261>

Decentralized finance (DeFi) asset management protocol Velvet Capital was forced to deactivate its website temporarily to prevent a major phishing attempt. 

Crypto community members on X reported unusual activity on Velvet Capital’s trading platform on April 23. Users trying to connect to the front-end were prompted to approve their wallet access to the protocol.

Internal investigations led Velvet Capital to issue a cybersecurity alert, advising investors to deny all wallet connect requests from the application until further notice.

Velvet Capital issues alert against a possible website compromise. Source: Velvet Capital

Investors who might have approved the fraudulent request need to revoke wallet access to the protocol to avoid any loss of funds. In addition, Velvet Capital deactivated the application to minimize any further losses for investors.

Velvet Capital takes down comprimized website for further investigation. Source: v2.velvet.capital

Velvet Capital founder Vasily Nikonov announced the website closure on Telegram:

“ATTN, don’t interact with the Velvet website, we’re closing it for maintenance and investigating the issue, we will issue a post-mortem once the issue is solved.”

Nearly two hours after the website closed down, Nikonov said he was working with the tech team and security researchers to regain control of the website from hackers.

Source: Velvet Capital

Blockchain investigation firms Blockaid and Scam Sniffer had confirmed the website hack before Velvet Capital’s official announcement about the breach. Users who confirmed any transactions on Velvet Capital since April 23, 5:39 am UTC may be victims of the cybercrime.

Nikonov advised such users to open a ticket on Discord and share the transaction details with the Velvet Capital team for remediation. He added:

“Rest assured that the smart contracts are not impacted and funds on Velvet are not affected, we’re investigating the front-end issue that some of the users faced this morning and will share the results asap.”

Nikonov highlighted that no users reported losses as of 6:50 am UTC.

Related: How to revoke smart contract access to your cryptocurrency

DeFi protocols Aerodrome and Velodrome suffered similar front-end hacks on Nov. 28, 2023. The two platforms posted announcements on X stating their front ends were compromised and asked users not to interact with the platforms while investigations were underway.

Source: Aerodrome

According to blockchain investigator ZachXBT, the attackers managed to get away with roughly $40,000 worth of crypto assets at the time.

Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis

The content on this website comes from the Internet. Due to the inconvenience of proofreading the authenticity and accuracy of the copyright or content of some content, it may be temporarily impossible to confirm the authenticity and accuracy of the copyright or content. For copyright issues or other issues caused by this, please Call or email this site. It will be deleted or changed immediately after verification.

related articles

Bitcoin's Environmental Impact: Separating Fact from Fiction

Bitcoin’s potential environmental benefits highlight a stark contrast with the traditional financial...

Marathon Digital Holdings CEO Discusses Bitcoin Landscape

In a recent interview with CryptoSlate at BTC Prague 2024, Fred Thiel, CEO of Marathon Digital Holdi...

Bitcoin ETF decision may be ‘imminent’ as VanEck, Grayscale file exchange registration form: Bloomberg Analyst

Three hopeful ETF candidates, Grayscale and Fidelity, and VanEck have now filed their form 8-A with...

Saylor predicts SEC will designate Ethereum as a security and deny spot ETF applications this summer

MicroStrategy executive chairman and co-founder Michael Saylor believes the SEC will classify Ethere...

Bitcoin's price risk slumping to $36k if SEC denies ETF applications, Matrixport warns

The U.S. Securities and Exchange Commission (SEC) might end up rejecting all applications for a spot...

Jamie Dimon praises AI tech, saying JP Morgan could use it in 'every single process'

Jamie Dimon, the CEO of JP Morgan Chase, praised various applications for artificial intellige...