Velvet Capital, a decentralized finance (DeFi) asset management service provider, temporarily shut down its website to block a suspected phishing attack. On April 23, users reported strange behavior on Velvet Capital’s trading platform, and the company unexpectedly asked users to give wallet access when trying to use the service.
Internal investigations prompted Velvet Capital to issue a cybersecurity alert, advising investors to deny all wallet connection requests from the application until further notice.
Investors who might have approved the fraudulent request were urged to revoke wallet access to the protocol to avoid any potential loss of funds.
Velvet Capital founder Vasily Nikonov announced the website closure via Telegram, stating, “ATTN, don’t interact with the Velvet website, we’re closing it for maintenance and investigating the issue, we will issue a post-mortem once the issue is solved.”
Nearly two hours later, Nikonov confirmed he was working with the tech team and security researchers to regain control of the website from hackers. Blockchain investigation firms Blockaid and Scam Sniffer had previously confirmed the website hack before Velvet Capital’s official announcement.
Users who confirmed any transactions on Velvet Capital since April 23, 5:39 a.m. UTC, may be victims of the cybercrime. They were advised to open a ticket on Discord and share transaction details for remediation. Nikonov assured that the smart contracts and funds on Velvet were not impacted while highlighting that no users reported losses as of 6:50 a.m. UTC.
Also Read: Google Ads Used to Promote Phishing Scams in Crypto Websites
