Majority of plundered crypto restored in swift turnaround following security breach

Volo, a liquid staking protocol on the Sui blockchain, has come up with the fourth update of its recovery plan. A few hours ago, the team shared that they have been able to identify the culprit of the attack and have also contained its impact.

As per Volo’s calculation, the net loss in this attack was roughly $200K. Remarking on the same, the team noted, “Volo will compensate in full from our existing Treasury balance.”

With further plans to release “a full back-to-business plan,” the team assured the community that the users will not face any losses anymore.

What really happened?

On 22 April, a security breach snapped $3.5 million in Wrapped Bitcoin [WBTC], Matrixdock Gold [XAUm], and Circle’s $USDC from three vaults.

About 50% of the XAUm and WBTC holdings were sent to $USDC. Taken together, the stolen funds were then bridged to Ethereum [$ETH] and also converted to $ETH. However, the leftover $USDC was caught in time and locked, preventing the hackers from stealing it too.

Expanding on its recovery efforts, Volo added,

We have successfully recovered 90% of the stolen funds, which have since been converted back to stablecoins and bridged back to Sui. These funds are now safe with Volo.

How were WBTC, XAUm, and $USDC saved from further losses?

The recovered funds were moved back under Volo’s wallet addresses. In that movement, 19.6 WBTC were caught while it was being moved via the LayerZero bridge.

Source: Volo/X

In fact, the Volo team was successful in recovering those funds and has sent them back to the $ETH network already. Going forward, that aforementioned amount will be bridged back to Sui in Volo’s control.

Additionally, 100.6 XAUm were previously frozen, but then with Sui’s help, they were unlocked and returned to Volo’s wallet. However, in the breach, the attacker had already sold some XAUm. Therefore, the remaining 115 XAUm will be recreated, replacing lost ones, and will be sent back to Volo.

As per the third recovery update, the hacker’s wallets were blocked across major platforms, along with Volo freezing $2 million in funds. In fact, as soon as Volo found out about the attack, the team successfully froze $500K worth of compromised assets.

At the same time, Volo acknowledged and assumed full responsibility for the losses.

Volo is prepared to absorb this loss. We will do our best not to pass this to our users.

Metrics painting a short-term strain

Since Volo was quick enough to respond to this attack, the Total Value Locked (TVL) of the Volo Protocol also saw a modest fall.

Source: DeFiLlama

As per DeFiLlama data, the TVL of Volo was $15.83 million on 22 April, which fell to $15.27 million on 26 April. Meanwhile, the SUI token also faced modest declines of 0.35% as it was changing hands at $0.9466 at press time.

Final Summary

Within just 4 days of the attack, the Volo protocol was quick enough to lock, freeze, and redirect funds to prevent further losses.

Acting as a partner, the Sui Foundation helped Volo recover the maximum funds lost in the security breach.