Volo Protocol loses $3.5M in targeted Sui vault exploit

Volo Protocol suffered a security breach that led to the loss of approximately $3.5 million in digital assets after a targeted exploit hit a small set of its vaults on the Sui blockchain.

The incident affected assets including WBTC, XAUm, and USDC, prompting the team to immediately freeze all vault operations to prevent further damage.

The attack was quickly detected by the protocol, which then alerted the Sui Foundation and other ecosystem partners to assist in containment efforts.

Early action allowed the team to halt further withdrawals and limit the scope of the damage to only a few vaults.

According to the project’s official communication, the exploit was isolated to three specific vaults, while the remaining system infrastructure was not impacted.

Despite the loss, Volo Protocol emphasised that the broader platform remains structurally intact.

The team confirmed that approximately $28 million in total value locked (TVL) across other vaults has not been affected.

Immediate response and containment measures

Once the exploit was identified, Volo Protocol took several immediate steps to contain the situation.

All vaults were frozen across the platform, halting any further deposits or withdrawals.

The protocol also began working closely with on-chain security specialists and investigators to trace the movement of stolen funds.

In parallel, some of the attacker’s activity was partially disrupted, with reports indicating that around $500,000 worth of assets were successfully frozen during recovery efforts.

In addition, attempts to move approximately 19.6 WBTC through bridging mechanisms were also blocked, reducing potential losses.

The assets involved in the exploit included wrapped Bitcoin (WBTC), XAUm (a gold-backed token), and USDC.

These assets were removed from the affected vaults through what the team described as a targeted exploit, though full technical details are expected to be disclosed in a post-mortem report.

Volo Protocol prepared to absorb the financial loss

In its official statement, Volo Protocol confirmed that it is prepared to absorb the financial loss associated with the incident.

The team stated clearly that it intends not to pass the burden of the $3.5 million loss onto users. Instead, it plans to manage the recovery internally while continuing to secure the remaining vault infrastructure.

The project also highlighted that no evidence currently suggests a shared vulnerability across unaffected vaults.

This assessment was made after initial internal reviews and coordination with external ecosystem partners.

As a result, the remaining vaults are considered operationally safe, although still temporarily frozen as a precaution.

All vault activity will remain suspended until a full technical review is completed.

The team has committed to releasing a detailed post-mortem report once investigations conclude, outlining the root cause of the exploit and the corrective measures being implemented.