SlowMist on X provided an update regarding the Venus security incident, confirming that neither the Venus protocol nor the front-end were compromised in the reported whale hack. Their forensic analysis, conducted with partners, indicates the victim was specifically targeted despite using a hardware wallet; the malicious actor replaced the desktop wallet extension used alongside the device. During a routine redeemUnderlying transaction the call was substituted with an updateDelegate operation, facilitating unauthorized asset removal from the user’s Venus account. The report underscores the importance of endpoint integrity and extension vetting in blockchain security risk management for institutional and high-net-worth holders.