Venus Protocol User Loses $27M in Phishing Attack, Platform Pauses Operations

The post Venus Protocol User Loses $27M in Phishing Attack, Platform Pauses Operations appeared first on Coinpedia Fintech News

DeFi platforms are under increasing pressure as hackers find new ways to exploit vulnerabilities. Recent incidents have sent shockwaves through the crypto community, raising concerns about security and user safety.

A major account on the Venus Protocol, a leading lending platform on the BNB Chain, was compromised, losing about $27 million in a hack. Blockchain analysts believe the user’s interaction with the Core Pool Comptroller contract allowed attackers to steal tokens like vUSDC and vETH.

The stolen funds from Venus Protocol are still stuck in the attacker’s contract. Cyvers Alerts and Peckshield flagged the suspicious activity.

$27M Drained in Social Engineering Attack

The victim unknowingly approved a malicious transaction, giving the attacker’s wallet full access to their tokens, including $19.8M in vUSDT, $7.15M in vUSDC, $146K in vXRP, $22K in vETH, and even 285 BTCB. 

Crypto Jargon notes that this was purely a social engineering attack, showing how one careless approval can drain a fortune instantly. He emphasized staying safe online by avoiding random links, double-checking transactions, revoking approvals regularly, and using hardware wallets.

Venus Protocol Paused For Precaution

Venus Protocol confirmed that a user’s wallet was drained, but the platform’s smart contracts remain secure. The protocol has been paused as a precaution while the team investigates the incident.

The team also clarified that Venus itself has not been exploited and assured the community that they are actively monitoring the situation. 

Venus’s token XVS has dropped to $5.97, down 6% in the last 23 hours. 

Bunni Exchange Hit by $2.4M Exploit

Meanwhile, decentralized exchange Bunni also suffered a $2.4 million exploit today. Attackers manipulated its Ethereum-based smart contracts, draining funds to a wallet holding $1.33M in USDC and $1.04M in USDT.

All smart contract functions have been paused as a precaution while the team investigates. These two incidents highlight the biggest risks in DeFi: users falling for scams and vulnerabilities in smart contracts.

Crypto hacks have surged in August, with $163 million stolen across 16 attacks. Cybersecurity experts warn that hackers are shifting focus to exchanges and wealthy individuals, signaling rising threats in the booming market.