The Velvet Capital team has issued a warning to users to refrain from connecting their digital wallets to the protocolβs website due to a potential front-end attack.
Velvet Capital is a decentralized finance (defi) protocol that serves as an asset management dashboard and may have been targeted by hackers exploiting vulnerabilities in the websiteβs front-end. In a recent post, the team disclosed that the website experienced a front-end attack, which could have allowed malicious actors to exploit vulnerabilities and potentially compromise user data or perform unauthorized actions on the platform.
Some users encountered issues while trying to access the app today. Please avoid interacting with Velvet’s front-end as we are temporarily closing it for maintenance and conducting an investigation. We will provide a post-mortem report once the issue is resolved.
While the details of the attack are still unclear, the Velvet team assured users that they have identified the issue promptly and are working with security researchers to address the malicious activity. They emphasized that the protocol’s smart contracts remain unaffected, with the issue being isolated to the front-end. Users are advised not to engage with the website until further notice.
No known users have been affected by the incident. If you interacted with Velvet on April 23 after 12:30am UTC and suspect that you were impacted, please submit a ticket on Discord.
A spokesperson for Velvet Capital mentioned in a Telegram post that there have been no reported impacts on users. However, individuals who believe they have been affected by the attack can seek assistance by creating a ticket on the projectβs Discord server. On the other hand, analysts at the blockchain analytics firm Scam Sniffer suggest that there might be victims, although no further details were provided at this time.
Velvet Capital, which received backing from Binance Labs in late 2022, is the latest Binance-supported project to experience security breaches. This incident follows a similar attack on the permissionless money market protocol OpenLeverage, also backed by Binance Labs, earlier in April. The attack on OpenLeverage resulted in a $236,000 loss allegedly caused by an attack funded through Tornado Cash.
For more information on security breaches in the cryptocurrency space, stay updated with Global Crypto News.