News
3 min.Read

BNB Holder May Have Lost $27M in Phishing Scam; Venus Protocol Not Compromised

Marisol Navaro
By Marisol Navaro

Binance Smart Chain phishing attack drained about $27 million in tokens after a user approved a malicious transaction; Venus Protocol confirms its contracts were not exploited, and security firms PeckShield and Cyvers, alongside Venus and community partners, are coordinating recovery efforts.

  • Binance Smart Chain phishing drain: ~ $27M lost after wallet approval of a malicious transaction.

  • Venus Protocol confirms its smart contracts were not compromised; the issue is a user wallet compromise.

  • Security firms PeckShield, Cyvers and ZeroShadow are investigating and assisting recovery efforts.

Binance Smart Chain phishing: $27M drained from a user wallet; Venus Protocol safe—follow recovery updates on COINOTAG.

What happened in the Binance Smart Chain phishing drain?

Binance Smart Chain phishing led to a single user wallet being drained of about $27 million in wrapped tokens after the wallet owner approved a malicious transaction. Security firms PeckShield and Cyvers confirm this was a phishing attack; Venus Protocol states its contracts remain secure and other users are unaffected.

How did the phishing scam work?

Phishing scams trick users into approving malicious transactions by mimicking trusted sites or dApps. The attacker presented a website or interface with a nearly identical domain. The victim granted token approval to the attacker’s address, which allowed the attacker to transfer wrapped USDT/USDC tokens out of the wallet.

Who is assisting with investigation and recovery?

PeckShield and Cyvers are publicly involved in the investigation. Venus Protocol teams and community delegate Danny Cooper report collaboration with Binance Security, HexaGate, ChaosLabs, and ZeroShadow to attempt fund recovery. Recovery is ongoing and not guaranteed at this stage.

Why was Venus Protocol initially mistaken as hacked?

Early on, funds were observed in Venus wrapper tokens for USDT and USDC, which led observers to suspect a protocol exploit. Venus Protocol and security teams quickly clarified that the protocol was not exploited. The wrapped tokens and approvals were linked to a compromised user wallet, not to a vulnerability in the protocol’s smart contracts.

What evidence points to the attackers’ origin?

Initial analysis by ZeroShadow noted an “attack fingerprint” suggesting a link to actors based in the Democratic People’s Republic of Korea. Historical context: Lazarus Group, associated with North Korea, has been linked to major crypto heists according to public filings and law enforcement reporting.

How to respond if your wallet is phished

  1. Revoke approvals immediately: Use trusted on-chain approval revocation tools to rescind token approvals.
  2. Move safe assets: Transfer unaffected assets to a new wallet with new seed phrases after ensuring device security.
  3. Contact security partners: Report incidents to security firms and projects involved for tracing and possible recovery assistance.
  4. Preserve logs and TX IDs: Keep transaction hashes, addresses involved, and any phishing domain details for investigators.


Frequently Asked Questions

Is my Venus Protocol balance at risk after this incident?

No. Venus Protocol states that its smart contract infrastructure remains secure. Only the compromised user’s wallet was affected; other users’ funds are not known to be at risk.

How do phishing approvals allow attackers to drain wallets?

When a user approves a token allowance to a malicious address, the attacker gains the on-chain permission to transfer the approved tokens out of that wallet, enabling immediate asset extraction.

Key Takeaways

  • Incident scope: A single Binance Smart Chain wallet lost ~ $27M after a phishing approval.
  • Protocol safety: Venus Protocol confirms its contracts were not exploited; user funds on the protocol are not broadly compromised.
  • Response: PeckShield, Cyvers, ZeroShadow and multiple security partners are working with the victim to investigate and attempt recovery.

Conclusion

The Binance Smart Chain phishing incident that drained roughly $27 million underscores persistent risks from social-engineering attacks. Binance Smart Chain phishing incidents exploit user trust rather than protocol flaws. Users should revoke suspicious approvals, secure devices, and follow guidance from security partners. Stay updated through COINOTAG for recovery developments and recommended safety practices.

Published by COINOTAG • Updated: 2025-09-02

Don't forget to enable notifications for our Twitter account and Telegram channel to stay informed about the latest cryptocurrency news.

BREAKING NEWS

Ethereum Could Spark $1.186B Short Liquidations at $4,700 or $1.023B Long Liquidations Below $4,500 — Coinglass

0
According to Coinglass data reported by COINOTAG on September...

$AIA listed on Bybit futures

0
$AIA listed on Bybit futures

$BARD added to Binance alpha projects

0
$BARD added to Binance alpha projects

Upbit Notice

0
Upbit Notice Lombard (BARD) New Trading Support Guide (KRW, BTC,...

Ethereum Whale Liquidates 8,711 ETH After Two-Year Re-Accumulation, Nets $5.23M

0
COINOTAG News (September 18) reports that on-chain analyst AI...

Topics

spot_imgspot_imgspot_img
CoinStats Premium

Related Articles

spot_imgspot_imgspot_imgspot_img

Popular Categories

BTCETHSOLXRPDOGECoreSHIB
spot_imgspot_imgspot_img
Previous article
XRP May Not Have Found a Bottom as Bollinger Bands Signal Risk; $2.60 Support, $3.05 Key Level
Next article
Dogecoin Could Test $0.208 Support After Nearly $7M in Long Liquidations, Faces $0.225 Resistance

Timely, reliable coverage of breaking news, insights, and analyses on Bitcoin and cryptocurrencies since 2018.

Disclaimer: The information provided on COINOTAG NEWS is for informational purposes only and should not be considered financial or investment advice. Always conduct your own research and consult with a financial advisor before making any investment decisions.

© COINOTAG News 2024