Venus Protocol Pauses Operations After $13,5 Million Loss in Attack

• Venus user loses $13,5 million to phishing
• DeFi Protocol Paused for Security Investigations
• Smart contract remains intact, according to developers

Venus Protocol, a decentralized lending platform, temporarily suspended its operations after one of its largest users lost approximately $13,5 million in a suspected phishing attack. According to blockchain security firms, the victim signed a transaction that granted token approvals to a malicious address, allowing the attacker to drain the funds.

In an official statement, the team said it is investigating the incident. "We are aware of the suspicious transaction and are actively investigating," the team wrote on X. "Venus is currently paused following security protocols."

Security firm PeckShield noted that the address "0x7fd...6202a" was authorized by the victim, enabling the transfer of assets. CertiK added that the user's wallet had called the updateDelegate function, approving the attacker before the funds were diverted.

#PeckShieldAlert Correction
The loss for the phished @VenusProtocol user is ~$13.5M.
Initial estimates were higher as we did not exclude the debt position. https://t.co/k6JDDLOrP1 pic.twitter.com/3Wx8ufpvic

—PeckShieldAlert (@PeckShieldAlert) September 2, 2025

Project moderators reinforced in Telegram messages that the protocol itself was not exploited. "To clarify, the Venus Protocol was NOT exploited. A user was attacked. The smart contract is secure," the official X account posted, amid speculation that the flaw had affected the platform.

To clarify, Venus Protocol has NOT been exploited. A user has been attacked. Smart contracts are safe. https://t.co/ijgelbgVQE

— Venus Protocol (@VenusProtocol) September 2, 2025

Launched in 2020, Venus Protocol has become one of the leading DeFi markets on the BNB Chain, with expansions also on Ethereum, Arbitrum, Optimism, opBNB, and zkSync. The platform allows for collateralization, borrowing, and minting of the VAI stablecoin, with governance controlled by the XVS token. The asset fell by up to 9% after the announcement but subsequently recovered slightly.

Experts point out that phishing attacks remain a recurring threat in the cryptocurrency sector. A CertiK report shows that, in the first half of 2025 alone, these scams accounted for US$410 million in losses across 132 recorded incidents. Hacken estimated that phishing and social engineering schemes resulted in up to US$600 million in losses in the same period.

The episode highlights the importance of safeguards against malicious approvals in DeFi protocols, where inadvertently granted permissions can be exploited by attackers to irreversibly move assets.