Venus Protocol, one of the largest lending platforms on the BNB Chain, successfully recovered funds lost in a phishing attack, amounting to approximately $13.5 million.
Whale Wallet Compromised
On September 2, a high-value Venus user lost control of assets worth around $13.5 million after approving a malicious transaction. Initial loss estimates were up to $27 million, but were later adjusted considering the user's debt position. The stolen assets included wrapped Bitcoin (BTCB), vUSDT, vUSDC, vXRP, and vETH, indicating that the incident was a user-level compromise rather than a breach of Venus’ smart contracts.
Swift Response and Recovery
To prevent the attacker from moving funds or closing positions, Venus immediately paused the protocol. This action halted the exploiters’ activity and allowed time for an emergency governance vote. By approving the forced liquidation of the attacker’s holdings, the community secured the stolen assets before they could be mixed or bridged. By September 3, security firm PeckShield confirmed that the funds had been restored.
Market and Community Reaction
XVS, Venus’s governance token, initially dropped nearly 10% on news of the theft, with a surge in trading volume as users rushed to assess the damage. Following confirmation of recovery efforts, the token stabilized, indicating renewed investor confidence. However, the requirement for multisig intervention to halt the protocol and force liquidations raised concerns about centralization in DeFi.
The successful recovery of funds highlights the capabilities of Venus Protocol's emergency tools, but raises important discussions about the balance between centralized control and decentralized management in the DeFi space.
