Home Cryptocurrencies NewsBinance Labs-backed Velvet Capital forced offline to prevent phishing attack
    Cryptocurrencies News
    0

    Binance Labs-backed Velvet Capital forced offline to prevent phishing attack

    2024.04.23 | exchangesranking | 36onlookers
    1205f261>

    Decentralized finance (DeFi) asset management protocol Velvet Capital was forced to deactivate its website temporarily to prevent a major phishing attempt. 

    Crypto community members on X reported unusual activity on Velvet Capital’s trading platform on April 23. Users trying to connect to the front-end were prompted to approve their wallet access to the protocol.

    Internal investigations led Velvet Capital to issue a cybersecurity alert, advising investors to deny all wallet connect requests from the application until further notice.

    Velvet Capital issues alert against a possible website compromise. Source: Velvet Capital

    Investors who might have approved the fraudulent request need to revoke wallet access to the protocol to avoid any loss of funds. In addition, Velvet Capital deactivated the application to minimize any further losses for investors.

    Velvet Capital takes down comprimized website for further investigation. Source: v2.velvet.capital

    Velvet Capital founder Vasily Nikonov announced the website closure on Telegram:

    “ATTN, don’t interact with the Velvet website, we’re closing it for maintenance and investigating the issue, we will issue a post-mortem once the issue is solved.”

    Nearly two hours after the website closed down, Nikonov said he was working with the tech team and security researchers to regain control of the website from hackers.

    Source: Velvet Capital

    Blockchain investigation firms Blockaid and Scam Sniffer had confirmed the website hack before Velvet Capital’s official announcement about the breach. Users who confirmed any transactions on Velvet Capital since April 23, 5:39 am UTC may be victims of the cybercrime.

    Nikonov advised such users to open a ticket on Discord and share the transaction details with the Velvet Capital team for remediation. He added:

    “Rest assured that the smart contracts are not impacted and funds on Velvet are not affected, we’re investigating the front-end issue that some of the users faced this morning and will share the results asap.”

    Nikonov highlighted that no users reported losses as of 6:50 am UTC.

    Related: How to revoke smart contract access to your cryptocurrency

    DeFi protocols Aerodrome and Velodrome suffered similar front-end hacks on Nov. 28, 2023. The two platforms posted announcements on X stating their front ends were compromised and asked users not to interact with the platforms while investigations were underway.

    Source: Aerodrome

    According to blockchain investigator ZachXBT, the attackers managed to get away with roughly $40,000 worth of crypto assets at the time.

    Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis

    The content on this website comes from the Internet. Due to the inconvenience of proofreading the authenticity and accuracy of the copyright or content of some content, it may be temporarily impossible to confirm the authenticity and accuracy of the copyright or content. For copyright issues or other ssues caused by this, please Call or email this site. It will be deleted or changed immediately after verification.
    Related Reading
    < Previous Next >
    exchangesranking

    exchangesranking

    5361number of articles 0number of comments
    Author's other articles
    browse more
    Popular Articles
    Random Article
    Previous
    Tags
    Copyright www.exchangesranking.org Some Rights Reserved.
    Powered By EXCHANGESRANKING.ORG   Theme By 52FB