Volo Protocol Security Breach: $3.5M Drained From Sui-Based Liquid Staking Platform

Key Highlights A security breach at Volo Protocol, a liquid staking service on Sui, resulted in approximately $3.5 million in stolen funds Three separate vaults containing WBTC, XAUm, and USDC were compromised in the incident Within half an hour of disclosure, Volo managed to freeze $500,000 worth of stolen assets The protocol’s other vaults, holding $28 million in total value locked, remain secure The development team has committed to covering all losses without impacting users On April 21, Volo Protocol—a liquid staking service operating on the Sui blockchain—disclosed that it had fallen victim to a security exploit resulting in roughly $3.5 million in stolen user funds. The breach impacted three specific vaults within the protocol’s infrastructure. These vaults contained Wrapped Bitcoin, a gold-pegged asset known as XAUm, and USDC stablecoin. No other vaults within the platform were compromised. Security Incident Update – Volo Protocol We want to address our community directly and transparently about a security incident that occurred earlier today. Rest assured, Volo is prepared to absorb any loss. What happened: An exploit resulted in the removal of approximately… — Volo (@volo_sui) April 21, 2026 The team behind Volo revealed the incident via X, explaining that they immediately reached out to the Sui Foundation and ecosystem collaborators upon detecting the breach. As a precautionary measure, all vaults were frozen to prevent additional fund drainage. Remarkably, just 30 minutes after making the exploit public, Volo reported successfully freezing $500,000 of the misappropriated assets. The specific mechanism used to accomplish this freeze was not disclosed. According to Volo’s statement, the $28 million in assets held across its remaining vaults faces no exposure to risk. The team clarified that these unaffected vaults operate independently and do not contain the same security flaw. Team Commits to Full User Reimbursement The Volo development team announced ...