Venus Protocol Security Strength: How $13M in Drained User Funds Was Recovered in Hours
Reliable lending protocols are the spine of DeFi. Many customers depend on them to deposit vital quantities of capital, enabling borrowing, lending, and participation in quite a lot of decentralized finance methods. Venus Protocol, one of many main multichain lending platforms with greater than $2.6 billion in TVL, lately demonstrated each its resilience and powerful onchain safety framework.
On September 2, 2025, a Venus person turned the goal of a phishing assault that drained roughly $13M in funds. The suspicious exercise instantly triggered a safety alert, prompting the protocol to pause operations as a precaution. Within simply 13 hours, the stolen belongings had been efficiently recovered, and Venus Protocol returned to full performance with out additional disruption.
Timeline: From Detection to Recovery
The sufferer reported that attackers used a malicious Zoom consumer to realize management of their machine. Using this entry, they tricked the person into approving them as a sound Venus delegate, permitting the attacker to borrow and redeem on the person’s behalf and drain roughly $13M throughout a number of belongings, together with USDT, wBETH, FDUSD, USDC, and BTCB
Venus responded swiftly—pausing the protocol shortly after detecting the suspicious transaction, guaranteeing the attacker couldn’t entry or switch the stolen belongings. Following safety recommendation, the Venus workforce additionally paused the EXIT_MARKET motion throughout all markets, stopping the attacker from disabling a number of the stolen belongings that had been performing as collateral. Coordinating with safety companions and deploying a customized liquidator, the workforce efficiently recovered all stolen funds, restoring the protocol to full operation safely and securely.
Key Details
- Funds Drained: 19.826M USDT, 3,744 wBETH, 311,571 FDUSD, ~15,000 USDC, and a small quantity of ETH
- Victim pockets deal with: 0x563617b87d8bb3f2f14bb5a581f2e19f80b52008
- Attacker pockets deal with: 0x7fd8f825e905c771285f510d8e428a2b69a6202a
- Receiver pockets deal with (recovered funds and debt from attacker): 0xC753FB97Ed8E1c6081699570b57115D28F2232FA
- Custom Liquidator: 0xe011d57ecf48c448a7601eae30e6bf2d22886c50
- Type of Attack: Phishing through malicious Zoom consumer granting delegated entry
- Full key occasion particulars: https://x.com/VenusProtocol/status/1963251755543839227
Venus Protocol: SAFU, Backed by Strong Security
Venus is a number one protocol launched in 2020, permitting customers to borrow and lend in a protected, decentralized atmosphere. With over $2.6 billion in TVL throughout 8 chains, Venus stands out for its robust method to person safety. Currently, it ranks among the many high ten most safe lending and borrowing tasks in line with CertiK and has undergone a number of audits by main safety companies, together with PeckShield, Quantstamp, Code4rena, and others. To keep knowledgeable about Venus and study extra in regards to the protocol, observe the official hyperlinks:
Official Website | Venus App | Docs | X | Discord
The submit Venus Protocol Security Strength: How $13M in Drained User Funds Was Recovered in Hours appeared first on BeInCrypto.
