Decentralized lending platform Venus Protocol has reportedly suffered a suspected flash-loan assault on its Core Pool on BNB Chain, resulting in losses of greater than $3.7 million.
On-chain information exhibits the attacker manipulated provide caps utilizing the Thena (THE) token, permitting them to borrow a number of property from the protocol.
How the Venus Protocol Assault Occurred?
In response to blockchain information, the attacker used an handle beginning with 0x1a35…6231 to use the system. The technique started months earlier, when the attacker slowly accrued round 84% of the THE provide cap (14.5M tokens) over 9 months beginning in June 2025.
The actual exploit occurred when the attacker bypassed the conventional deposit course of by instantly transferring tokens to the protocol contract.
This allowed them to exceed the availability cap and construct an enormous 53.2 million THE collateral place, which was almost 3.7 occasions the allowed restrict.
Borrowing and Value Manipulation
Utilizing the inflated collateral, the attacker started borrowing giant quantities of property, together with:
Round 20 BTC in wrapped BitcoinAbout 1.5 million CAKE tokensNearly 200 BNB1.58 million USDC
To maximise the exploit, the attacker repeatedly adopted a loop technique: deposit THE, borrow property, purchase extra THE, and anticipate the TWAP oracle value replace to extend the collateral valuation.
This pushed the value of THE from round $0.263 to just about $0.563 earlier than the market finally collapsed to about $0.22 throughout liquidation.
Venus Protocol Responds
Following the incident, the crew behind Venus Protocol introduced precautionary measures. Borrowing and withdrawals of THE have been quickly paused, together with a number of markets that confirmed excessive liquidity focus, together with BCH, LTC, UNI, AAVE, FIL, and TWT.
The protocol confirmed that each one different markets stay operational and unaffected whereas the investigation continues.
The crew additionally said it can launch an in depth report as soon as the complete evaluation of the exploit is accomplished.
Belief with CoinPedia:
CoinPedia has been delivering correct and well timed cryptocurrency and blockchain updates since 2017. All content material is created by our professional panel of analysts and journalists, following strict Editorial Tips primarily based on E-E-A-T (Expertise, Experience, Authoritativeness, Trustworthiness). Each article is fact-checked towards respected sources to make sure accuracy, transparency, and reliability. Our evaluate coverage ensures unbiased evaluations when recommending exchanges, platforms, or instruments. We try to offer well timed updates about all the things crypto & blockchain, proper from startups to trade majors.
Funding Disclaimer:
All opinions and insights shared symbolize the writer’s personal views on present market circumstances. Please do your individual analysis earlier than making funding selections. Neither the author nor the publication assumes accountability in your monetary decisions.
Sponsored and Ads:
Sponsored content material and affiliate hyperlinks might seem on our website. Ads are marked clearly, and our editorial content material stays totally unbiased from our advert companions.
