Anatomy of the Venus Protocol Whale Hack
Earlier this week, crypto whale Kuan Sun shared his detailed experience of being targeted by a sophisticated phishing attack on his X account.
This story serves as a stark warning to all traders, as he lost and then recovered $13.5 million. As the digital asset ecosystem expands, so does the threat of hacking. How can traders prevent huge losses?
A Seemingly Harmless Meeting That Became a Nightmare
A phishing attack on Tuesday robbed Kuan Sun, a user of the decentralized lending platform Venus Protocol, of his cryptocurrency. However, thanks to the swift response and cooperation of the Venus Protocol team, he was able to recover the stolen funds.
The elaborate attack began in April 2025 at the Hong Kong Wanxiang Conference. There, a mutual friend introduced Sun to someone who claimed to be a consultant for Stack’s Asia Business Development. This kind of networking is common in the crypto space, and they added each other on Telegram.
On August 29, the so-called “BD” requested a simple Zoom meeting. Sun joined late and noticed that there was no sound in the room.
A pop-up message on his webpage read, “Your microphone needs an update.” Confused, Sun clicked the upgrade button, a fatal mistake that set the trap.
Sun later realized the hackers weren’t acting on the fly. He said the highly customized attack had been in motion since Monday, targeting him specifically.

After the “update,” he started seeing strange messages on his computer. The Chrome browser would close abnormally, and a “Restore tabs?” message would pop up.
Suspecting nothing, Sun continued his routine and accessed Venus Protocol through his browser. There, he proceeded to perform a withdrawal, a task he had done countless times before.
Shortly after, his computer slowed down, his Google account was logged out of Chrome, and strange, unfamiliar transactions appeared in his wallet. He immediately knew something was terribly wrong.
The analysis suggests that the hackers replaced his frequently used Rabby wallet extension with malware. This tactic is often used by Lazarus, the notorious North Korean hacking group.
After gaining wallet approval authority, they quickly transferred various tokens, including vUSDC, vETH, vWBETH, and vBNB.
A Swift Recovery and Key Lessons
Sun acted quickly by contacting blockchain security firms PeckShield and SlowMist for guidance. He also reached out to the Venus Protocol team for help.
As a result, Venus Protocol immediately paused the platform as a safety measure and began an investigation.
They then initiated an emergency governance vote to force-liquidate the attacker’s wallet, allowing Sun to successfully recover his $13.5 million.
On Thursday, Sun shared his story and his key takeaways. He warned that North Korean hackers are increasingly using a combination of social engineering, deepfakes, and Trojans.
As a result, what appears to be a legitimate video conference or a normal Twitter account could be entirely fake.
He specifically advised users to avoid Zoom links from others and to download program plugins only from official channels. He also urged them never to click “upgrade” links that appear in pop-up windows.
Sun expressed his gratitude to the Venus team for their swift action in preventing further damage. He urged everyone to “always be suspicious of any requests you receive in daily life, and always respond calmly.”
The post Anatomy of the Venus Protocol Whale Hack appeared first on BeInCrypto.
