The liquid staking protocol Volo Protocol suffered a security breach this Wednesday resulting in the theft of 3.5 million dollars in digital assets from the Sui network. According to developers confirming the event through official channels, the exploit affected three specific vaults, successfully freezing a significant portion of the stolen funds. The Volo Protocol hack forced the immediate suspension of operations in the affected vaults to contain the damage.
The technical incident involved assets such as Wrapped Bitcoin (WBTC), Matrixdock Gold (XAUm), and the USDC stablecoin. The development team notified the Sui Foundation and various ecosystem partners immediately after detecting the breach. In an official communication, the protocol confirmed that approximately 500,000 dollars linked to the attack have already been successfully immobilized.
đź”’ Security Incident Update – Volo Protocol
We want to address our community directly and transparently about a security incident that occurred earlier today. Rest assured, Volo is prepared to absorb any loss.
What happened:
An exploit resulted in the removal of approximately…
— Volo (@volo_sui) April 21, 2026
Subsequently, recovery efforts allowed the team to block further transfer attempts by the attacker. Specifically, the team transfer attempts managed to stop 19.6 WBTC that the perpetrator was trying to move through a bridge to another network. With these actions, the total amount recovered or blocked rises to nearly 2 million dollars, significantly reducing the net impact on the project’s treasury.
This event occurs just days after the Lazarus Group managed to breaching the bridge of KelpDAO to steal 292 million dollars. The temporal proximity of both events has increased nervousness within the decentralized finance sector. However, Volo representatives clarified that the remaining 28 million dollars in total value locked within the protocol remains secure. Preliminary audits suggest that the vulnerability is not shared with other platform functions.
Fund freezing and compensation plans for affected users
From a market perspective, the attack on Volo highlights a persistent trend in digital asset security. Although the Move programming language, used in Sui, is recognized for its safety features, errors in individual contract logic remain a critical vector.
Recent industry history shows that more than 17 billion dollars have been stolen over the last decade according to official data compiled by analysis firms. In this context, Volo’s commitment to absorb losses without affecting users is a move aimed at preserving trust in an ecosystem still considered young.
On-chain analysts suggest that this incident could accelerate the implementation of automatic circuit breakers within Sui network protocols. The fact that a large portion of the loot was blocked in less than 24 hours indicates efficient coordination between validators and bridges. However, the theft exposes that even protocols with moderate TVL are under the radar of sophisticated attackers who exploit any fissure in the integration of external assets like WBTC.
The project management announced it is working on a detailed remediation plan to be presented in the coming days. The current priority is the return of frozen funds to the original vaults. This type of incident underscores the fragility of DeFi infrastructure when facing complex attack vectors that go beyond simple coding errors.
Volo Protocol plans to issue an exhaustive post-mortem report to detail the exact method used by the attacker. For now, the affected vaults remain paused while the forensic investigation is completed. Users can monitor updates through the protocol’s official dashboard, where the exact date for reopening deposits and withdrawals will be confirmed.
This article is for informational purposes and does not constitute financial advice.
