Volo Freezes Vaults After $3.5M Crypto Exploit Hits Key Asset Pools

Highlights:

• Volo froze all vaults after a $3.5M crypto exploit affected asset pools.
• Volo secured $500K of stolen funds and confirmed it will cover all user losses from the breach.
• About $28M in other vaults remained safe with no shared vulnerability found in the system.

Volo Protocol, a liquid staking platform built on Sui, confirmed a crypto exploit on April 21 that drained about $3.5 million from three vaults on its platform. The attack targeted vaults holding wrapped bitcoin, XAUm, and USDC assets used within the protocol. The team identified unauthorized withdrawals from these vaults and froze all vaults across the platform to stop further losses.

🚨 TODAY: Volo Protocol Exploit

Volo Protocol confirms a $3.5M exploit on its Sui-based vaults, with ~$500K already frozen during recovery.

The team says user funds won’t be affected and losses will be absorbed.

Recovery in progress 👀 pic.twitter.com/gm68BBGIA1

— Sui Insiders💧 (@SuiInsiders) April 22, 2026

Volo contacted the Sui Foundation and ecosystem partners to trace stolen funds and secure affected systems after detecting the exploit. The protocol posted updates on X to inform users about the breach, the affected vaults, and the steps taken to contain the incident.

The team stated that the exploit affected only the WBTC, XAUm, and USDC vaults within the platform. Volo confirmed that other vaults do not share the same vulnerability that allowed the exploit to occur. The protocol reported that about $28 million in total value locked across other vaults remains secure and unaffected.

Volo has not disclosed the technical cause of the exploit that allowed unauthorized withdrawals from the three vaults. The team has also not identified any attacker or group linked to the breach at this stage. The protocol confirmed that all vaults will remain frozen until the team completes its investigation and applies fixes to the affected contracts.

Volo Covers Losses While $500K Frozen and Funds Traced

Volo Protocol stated that it will absorb the full financial loss caused by the crypto exploit affecting its vaults. The team confirmed that users will not bear any losses linked to the $3.5 million breach. Users asked the platform how it would handle losses after the exploit affected assets stored in key vaults. The team said, “We want to be clear: Volo is prepared to absorb this loss. We will do our best not to pass this to our users.”

Volo worked with ecosystem partners to freeze part of the stolen assets shortly after detecting the exploit. The team secured about $500,000 in stolen funds by coordinating with partners across the network. These funds remain locked on-chain to prevent any transfer or withdrawal by the attacker.

Volo and on-chain investigators are tracking the remaining stolen funds across blockchain networks linked to the exploit. Most of the stolen assets remain under investigation as the team follows fund movements across addresses. The protocol continues to coordinate with partners to identify possible recovery paths for the stolen funds.

Volo confirmed that all vaults will remain frozen until the team completes its review and remediation process. The protocol has not provided a timeline for reopening the affected vaults to users. Volo will publish a post-mortem report explaining the exploit cause and the fixes applied after the investigation ends.

Volo Crypto Exploit Puts Focus Back on DeFi Security Risks

The Volo exploit follows recent crypto hacks that affected multiple decentralized finance platforms and infrastructure providers across the crypto sector. Attackers breached the ENS gateway eth.limo and targeted infrastructure linked to Vercel, which supports web services used by crypto applications.

The kind people at @eth_limo have warned me that there has been an attack on their DNS registrar. So please do not visit https://t.co/2EcsFBZY0b or other https://t.co/9nFLru9kS0 pages until they confirm that things are back to normal.

You can check my blog via IPFS directly…

— vitalik.eth (@VitalikButerin) April 18, 2026

The breach also followed a separate exploit involving Kelp DAO, which resulted in losses of about $292 million from a cross-chain protocol. Investigators linked that case to the Lazarus Group, a North Korea-backed hacking organization known for targeting crypto platforms. Volo has not linked its exploit to any known actor or group.

Repeated crypto exploits across vaults, bridges, and infrastructure services have forced DeFi platforms to review smart contract design and security systems. Users withdrew funds from several platforms after exploit reports raised concerns about the safety of assets stored in DeFi protocols.

Data from DeFiLlama shows that DeFi hacks have reached about $7.72 billion based on tracked incidents. Bridge-related exploits account for roughly $2.9 billion in additional losses across cross-chain protocols. Combined losses across decentralized finance now exceed $10 billion, according to the data.