The Velvet Capital team advises against linking your digital wallets to the protocol’s site due to a possible security risk from an attack on the website’s user interface.
A decentralized finance (defi) protocol named Velvet Capital, functioning as an asset management dashboard, might have been attacked by hackers. On April 23rd, through a post on Reddit (X), the team announced that their website apparently underwent a front-end attack. As a result, malicious actors could exploit weaknesses and potentially gain access to user information or execute unauthorized actions on the platform.
HEADS UP: A few users have encountered problems when trying to access the app today. In the meantime, kindly avoid using Velvet’s front-end as we’re in the process of closing it for maintenance and troubleshooting. Stay tuned for an update on the situation, including a post-mortem analysis once the issue is resolved.
— Velvet.Capital (@Velvet_Capital) April 23, 2024
The Velvet team has quickly discovered and is currently working with leading security experts to address an unspecified attack on their platform. They want to assure users that the smart contracts associated with their protocol have not been compromised. The problem was found to only affect the front-end, and for safety reasons, users are advised to avoid using the website at this time.
Update:
No known users were impacted, if you interacted with Velvet on April 23 after 12:30am UTC and believe you were impacted – please create a ticket on Discord.
The team promptly identified the issue and, together with top security researchers, investigated the malicious…
— Velvet.Capital (@Velvet_Capital) April 23, 2024
A representative from Velvet Capital stated in a message on Telegram that no identified users were affected by the attack. They suggested that those who may have been impacted could submit a support ticket through the project’s Discord server. On the contrary, experts at Scam Sniffer believe that there were indeed victims, but they haven’t disclosed any information about it yet.
In late 2022, Velvet Capital received funding from Binance Labs. Since then, Velvet Capital has joined the list of projects supported by Binance Labs that have encountered security issues. Not long after, OpenLeverage, a money market protocol without permission requirements, which had previously secured backing from Binance Labs, suffered a hacker attack in early April. The attack reportedly led to a loss of approximately $236,000, allegedly facilitated through Tornado Cash.
Read More
Sorry. No data so far.
2024-04-23 13:18