DeFi Protocol Volo Loses Millions to Hackers Just Days After KelpDAO Breach

The decentralized finance sector is facing another major security crisis. Volo Protocol, a platform built on the Sui blockchain that allows users to deposit assets into yield-generating vaults, has become the latest victim of a significant hack. This incident has drained around $3.5 million in digital assets from three of its vaults. The affected vaults contained wrapped bitcoin, tokenized gold, and the dollar-pegged stablecoin USDC. Following the breach, Volo Protocol has frozen all vaults and is collaborating with the Sui Foundation and on-chain investigators to mitigate the damage and track the stolen funds. So far, the protocol has successfully frozen $500,000 in assets through coordination with its ecosystem partners, preventing the movement or withdrawal of these funds. However, the majority of the stolen assets remain under investigation. This attack has added to the growing concerns regarding the security of smart contracts and protocol oversight within the decentralized finance space. The timing of this incident is particularly noteworthy, coming just days after the KelpDAO exploit, which resulted in the draining of millions of dollars by artificially minting unbacked liquid restaking tokens. The aftermath of these exploits has triggered a ripple effect across the DeFi sector, causing collateral damage to multiple protocols, including leading lending platforms where users have rushed to withdraw funds due to heightened uncertainty. According to data from DeFiLlama, decentralized finance has suffered approximately $7.78 billion in hacks to date, with bridge protocols accounting for an additional $2.90 billion in losses. The combined figure exceeds $10 billion, which is roughly equivalent to the market capitalization of cryptocurrencies ranked between 10th and 15th globally. Volo Protocol has announced plans to publish a full post-mortem report once its investigation is complete and remediation steps are finalized. However, for DeFi users and investors, a disturbing pattern is emerging: despite accelerating institutional adoption, relatively little capital appears to be allocated towards improving security, with exploits continuing to occur in clusters.