Venus Protocol Resumes After $13.5M Crypto Theft Scare

Venus Protocol resumes operations after a $13.5M phishing theft, secures funds, and promises a full incident report as XVS price barely moves.

Venus Protocol Resumes After $13.5M Crypto Theft Scare. Image: Midjourney
Image: Midjourney

Key Highlights

  • Venus Protocol halts, then restores operations after $13.5M theft scare
  • Stolen funds secured; no user assets or frontend were compromised
  • XVS token showed only slight gains despite recovery confirmation

Venus Protocol Restores Operations After $13.5M Theft Scare

Venus Protocol, a decentralized lending platform on BNB Chain, has resumed normal operations after halting services due to a phishing-related theft.

Recovery and Security Measures

On September 2, Venus announced that withdrawals and liquidations were restored at 9:58 PM UTC. The stolen funds were secured under the platform’s control, while all user assets and the frontend remained unaffected.

The team defended its decision to pause activity, explaining that it was “necessary both to recover the stolen funds and to conduct a comprehensive security audit.”

The issue stemmed from a phishing attack on a major trader, who unknowingly signed a malicious contract using the updateDelegate() function. According to blockchain security firm PeckShield, this enabled the attacker to siphon around $13.5 million. Initial reports put the potential loss at $27 million, but this was later revised.

Source: X/PeckShieldAlert
Source: X/PeckShieldAlert

Market Reaction and Next Steps

Despite the platform’s recovery and reassurance, the market response was subdued. XVS, Venus Protocol’s native token, ticked up just 4.6% and traded at $6.29 at press time.

Venus XVS Price. Source: CoinGecko
Venus XVS Price. Source: CoinGecko

Venus stressed that the outage gave security experts the chance to verify there was no deeper breach. The developers also expressed gratitude to users: “We’re thankful for the community’s support during this critical moment.”

The project has promised to release a full incident report detailing the recovery process and security findings in the near future.