Velvet Capital Goes Offline to Allay Frontend Phishing Attack

Velvet Capital takes a drastic measure to allay a potential attack on its website.

Purple velvet robot unplugging a server room.
Created by Gabor Kovacs from DailyCoin
  • Velvet Capital has flagged a potential attack on its website.
  • The protocol took a drastic measure to mitigate the incident.
  • Some users could have been affected by the incident.

Binance-backed DeFi protocol Velvet Capital was compelled to take drastic action on Monday, shutting down its website in response to a highly concerning phishing attack on the front end.

The incident occurred just as the asset management protocol was reinforcing its security measures to safeguard users against crypto-fashioned attacks. On April 22, Velvet Capital proactively released its custom bloXroute Protect RPC, a robust tool designed to shield users from MEV Frontrunning and Sandwich Attacks.

Velvet Capital Security Breach

Barely a day after touting the new security tool, Velvet Capital seemingly suffered a breach on its website, potentially endangering user funds. On April 23, X (Twitter) crypto community members reported unusual activity on the protocol’s website, prompting them to approve their wallet access when connecting to the front end.


Following the reports, the Velvet Capital team sprung into action, issuing an “urgent security alert “on Telegram.

“A security concern has emerged with the Velvet Capital website, suspected to have been compromised. Users are urgently advised not to connect their digital wallets 🚫💼 or make transactions until further notice. The development team is actively investigating the situation 🕵️‍♂️🔍 and working on security measures.”

Moments after the alert, Velvet Capital founder Vasily Nikonov announced the website shut down and urged users to avoid interactions with the front end. While the Velvet team promised to issue a post-mortem once the issue is solved, some users could have already lost funds.

Potential Loss of User Funds

According to Nikonov, users who approved any transactions on Velvet Capital since April 23, 5:39 a.m. UTC, could have been victims of the cyberattack.


Reiterating that “the smart contracts are not impacted and funds on Velvet are not affected,” Nikonov advised users who had confirmed transactions during the above period to open a ticket on Discord and share more details with the Velvet Capital team for remediation.

As of press time, the protocol has yet to issue any further update on the matter.

Read about Thailand’s solution to crypto-fueled cybercrime:
Thailand SEC Tightens Crypto Crackdown to Target Cybercrime

Stay updated on the phishing ads that recently targeted Etherscan users:
Crypto Scammers Target Etherscan Users with Massive Phishing Ads

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Brian Danga

Brian Danga, a Kenyan crypto reporter, is dedicated to delivering breaking news and updates from the cryptocurrency world. With a background as a Web3 writer and project manager, he recognizes the importance of unbiased reporting. Holding an LLB degree from the University of Nairobi, Brian's analytical skills contribute to his accurate news reporting. His personal interests include cooking, watching documentaries, reading, and engaging in intellectual discussions.