Volo Protocol, the operator of vaults that allow users to earn yields on their assets on Sui, announced that it has started to freeze part of the $3.5 million that hackers stole in an April 21 exploit, in what has become the latest case in a historically bad month of security breaches for DeFi protocols.
Volo Protocol first reported the $3.5 million hack on its official channels the same day the exploit occurred, after discovering that hackers had looted WBTC, XAUm, and USDG from its Volo Valuts.
Suilend quickly updated that none of its markets were affected by the incident and that user funds are safe, with deposits, borrowing, and withdrawals functioning as usual. For now, it said it will continue to monitor things, as this episode did not need the kind of preemptive halting of operations it initiated after the rsETH incident on KelpDAO.
The initial $3.% million loss that Volo reported is the latest million-dollar DeFi exploit in April, a month that has seen protocols lose almost 4X the combined total for the first three months of 2026.
Volo has started to freeze hacker bounty
It has not been all bad news for Volo Protocol as the project’s latest updates claim it has “successfully intercepted and blocked” attempts to swap 19.6 WBTC into unrecoverable assets.
The Wrapped Bitcoin (WBTC) that Volo intercepted is worth about $1.5 million based on Bitcoin’s current price, as these assets are meant to maintain a 1:1 peg to the original asset they wrap.
It is standard practice for hackers to quickly swap assets native to the protocols they attack into unrecoverable ones, such as ETH and BTC, to avoid freezes and clawbacks. As Cryptopolitan reported, KelpDAO hackers have already begun swapping their loot into BTC via Thorchain to avoid a repeat of the $71 million asset freeze on Arbitrum.
The 19.6 WBTC seizure followed an earlier $500,000 freeze that it initiated “working closely with ecosystem partners.”
The protocol assured that it is working with those ecosystem partners to plan how to recover the frozen tokens. The freezes and potential recoveries are being regarded as positive steps toward the project’s commitment to absorb losses in its initial message to users.
Is Sui safe after the Volo hack?
Citing sources, Cryptopolitan reported that the KelpDAO hack was an Ethereum L2 problem, with almost no impact on the mainnet. However, the DeFi contagion continues to spread across protocols with exposure to the rsETH token that was stolen in the exploit.
Similar questions have been raised about the Sui ecosystem by users of Volo Protocol and others with exposure to its vaults.
Volo already assured that the approximately $28 million in TVL secured in its vaults is safe, as the exploit affected only three vaults. It also ensured that its other vaults are not susceptible to the specific attack vector, which appears to be an admin key compromise, that caused this episode.
As a precautionary measure, Volo also said it had frozen all its vaults at least until it could provide a full picture of the incident, along with a plan to make users whole.
Suilend backed up its zero-contagion claims in its own post.
SUI is trading at $0.97 as of writing time, up about 2.72% over the past day, riding the positive momentum wave led by Bitcoin in response to positive news on the Iran conflict, which has rocked Middle Eastern geopolitics and global markets.
Total value locked on the network is down about 3.4% over the past day, dropping about $20 million during that period.
Don’t just read crypto news. Understand it. Subscribe to our newsletter. It’s free.
Source: https://www.cryptopolitan.com/volo-commits-to-absorb-losses-in-hack/