Venus Protocol Pauses as vUSDT Holdings May Have Been Drained in $27M Phishing Attack

  • Attack overview: A phishing approval allowed attackers to drain approximately $27M in Venus vUSDT and vUSDC.

  • Response: Venus Protocol paused the protocol to run security reviews and notified the community on its official channels.

  • On-chain data: Compromised wallet held ~ $19.8M vUSDT and $7.15M vUSDC before funds were siphoned.

Venus Protocol phishing attack: $27M stolen after a phishing approval; Venus paused the protocol for security reviews. Learn what happened and how to secure wallets now.

Venus Protocol paused the platform to conduct security reviews but said the $27 million loss was not linked to a flaw in its contracts.

What happened in the Venus Protocol phishing attack?

Venus Protocol phishing attack occurred when a DeFi user approved a malicious transaction that granted an attacker permission to transfer assets, resulting in roughly $27 million stolen. Venus confirmed the incident appears to be a compromised wallet approval and paused the protocol while security reviews proceed.

A blockchain security firm, PeckShield, reported that a single user lost approximately $27 million after interacting with a phishing contract. On-chain traces indicate the wallet held roughly $19.8 million in Venus USDT (vUSDT) and $7.15 million in Venus USDC (vUSDC) before funds were moved out following the malicious approval.

01990a17 e1b5 720f 813f 9232098dbb22
Source: PeckShield

How did the attacker drain $27 million from the wallet?

The attacker used a phishing flow to trick the user into signing an approval transaction that granted token-transfer rights. Once approval was granted, the attacker executed transfers to external addresses and wrapped assets were moved off-chain. On-chain analytics show the pattern of approval → approvals exploited → asset transfers consistent with phishing drains.

Why did Venus pause the protocol?

Venus paused borrowing and other protocol functions as a precautionary measure while conducting security reviews. The protocol’s official statement (posted on its social channels) emphasized that the incident appears related to user error or a compromised wallet, not a smart-contract vulnerability. The pause aims to protect users while auditors examine the situation.


Frequently Asked Questions

Was the Venus Protocol smart contract exploited?

Venus Protocol has reported that current evidence points to a compromised wallet approval rather than a smart-contract exploit. The protocol is paused to allow security teams to verify on-chain activity and confirm contract integrity.

How can DeFi users prevent similar phishing attacks?

Users should revoke unknown approvals, use hardware wallets or multisig accounts, verify contract addresses via official plain-text channels, and limit token approvals to minimal amounts to reduce risk.

Key Takeaways

  • Incident summary: A phishing approval led to a $27M drain from a Venus Protocol user wallet.
  • Protocol action: Venus paused the protocol for security reviews while stating contracts appear unaffected.
  • User action: Revoke approvals, move funds to secure wallets, and adopt hardware or multisig protections immediately.

Conclusion

The Venus Protocol phishing attack underscores the persistent risk of approval-based scams in DeFi. Security firm PeckShield documented the drain of about $27M in vUSDT and vUSDC, and Venus paused the protocol while conducting reviews. Users should follow immediate mitigation steps and adopt stronger wallet protections to reduce future risk. COINOTAG will update this report as official findings are published.

Published: 2025-09-02 | Updated: 2025-09-02 | Author: COINOTAG

Don't forget to enable notifications for our Twitter account and Telegram channel to stay informed about the latest cryptocurrency news.

BREAKING NEWS

US Bitcoin Spot ETFs Record $51.3M Net Outflow on Sept 18 — BlackRock’s BIT +$149.7M vs Fidelity’s FBTC -$116M

COINOTAG reported on September 18, citing Farside Investors data,...

Ethereum (ETH) Whale Buys 25,000 ETH for $112.34M in USDC at $4,493 Following Fed 25bp Rate Cut

On September 18, COINOTAG News reported, citing LookIntoChain monitoring,...

Whale Profits $74.92M Scalping ETH — Buys 18,000 ETH with $80.77M USDC via Wintermute, Sparking Rebound to $4,600

COINOTAG reported on September 18 that on-chain analyst yujin...

BlockBeats: ‘Buddy’ Holds 20,400 ETH Longs — $4.23M Floating Profit Across ETH, PUMP & HYPE (Sep 18)

COINOTAG reported on September 18 that monitoring data from...

Vitalik Defends Ethereum’s 45-Day ETH Staking Withdrawal Rule: “Friction Upon Exit Is Inherent”

COINOTAG reported on September 18 that Ethereum co-founder Vitalik...
spot_imgspot_imgspot_img

Related Articles

spot_imgspot_imgspot_imgspot_img

Popular Categories

spot_imgspot_imgspot_img