Venus Protocol Pauses as vUSDT Holdings May Have Been Drained in $27M Phishing Attack

  • Attack overview: A phishing approval allowed attackers to drain approximately $27M in Venus vUSDT and vUSDC.

  • Response: Venus Protocol paused the protocol to run security reviews and notified the community on its official channels.

  • On-chain data: Compromised wallet held ~ $19.8M vUSDT and $7.15M vUSDC before funds were siphoned.

Venus Protocol phishing attack: $27M stolen after a phishing approval; Venus paused the protocol for security reviews. Learn what happened and how to secure wallets now.

Venus Protocol paused the platform to conduct security reviews but said the $27 million loss was not linked to a flaw in its contracts.

What happened in the Venus Protocol phishing attack?

Venus Protocol phishing attack occurred when a DeFi user approved a malicious transaction that granted an attacker permission to transfer assets, resulting in roughly $27 million stolen. Venus confirmed the incident appears to be a compromised wallet approval and paused the protocol while security reviews proceed.

A blockchain security firm, PeckShield, reported that a single user lost approximately $27 million after interacting with a phishing contract. On-chain traces indicate the wallet held roughly $19.8 million in Venus USDT (vUSDT) and $7.15 million in Venus USDC (vUSDC) before funds were moved out following the malicious approval.

01990a17 e1b5 720f 813f 9232098dbb22
Source: PeckShield

How did the attacker drain $27 million from the wallet?

The attacker used a phishing flow to trick the user into signing an approval transaction that granted token-transfer rights. Once approval was granted, the attacker executed transfers to external addresses and wrapped assets were moved off-chain. On-chain analytics show the pattern of approval → approvals exploited → asset transfers consistent with phishing drains.

Why did Venus pause the protocol?

Venus paused borrowing and other protocol functions as a precautionary measure while conducting security reviews. The protocol’s official statement (posted on its social channels) emphasized that the incident appears related to user error or a compromised wallet, not a smart-contract vulnerability. The pause aims to protect users while auditors examine the situation.


Frequently Asked Questions

Was the Venus Protocol smart contract exploited?

Venus Protocol has reported that current evidence points to a compromised wallet approval rather than a smart-contract exploit. The protocol is paused to allow security teams to verify on-chain activity and confirm contract integrity.

How can DeFi users prevent similar phishing attacks?

Users should revoke unknown approvals, use hardware wallets or multisig accounts, verify contract addresses via official plain-text channels, and limit token approvals to minimal amounts to reduce risk.

Key Takeaways

  • Incident summary: A phishing approval led to a $27M drain from a Venus Protocol user wallet.
  • Protocol action: Venus paused the protocol for security reviews while stating contracts appear unaffected.
  • User action: Revoke approvals, move funds to secure wallets, and adopt hardware or multisig protections immediately.

Conclusion

The Venus Protocol phishing attack underscores the persistent risk of approval-based scams in DeFi. Security firm PeckShield documented the drain of about $27M in vUSDT and vUSDC, and Venus paused the protocol while conducting reviews. Users should follow immediate mitigation steps and adopt stronger wallet protections to reduce future risk. COINOTAG will update this report as official findings are published.

Published: 2025-09-02 | Updated: 2025-09-02 | Author: COINOTAG

Don't forget to enable notifications for our Twitter account and Telegram channel to stay informed about the latest cryptocurrency news.

BREAKING NEWS

SlowMist Cosmos Update on Venus Hack: Frontend Phishing Risk, XMR-Converted Gas and Potential Loss Under $20M

SlowMist Cosmos posted on X that the Venus Protocol...

WLFI Token: Suspected KOL DonAlt Deposits 12.97M to Binance — $3.2M Move Could Net $2.55M

COINOTAG News (September 2) reports that on-chain analyst Ai...

Bitcoin Retraces to $107K — Oversold RSI, Falling Volume and Soaring Options Skew Signal Defensive Market

glassnode’s Sept. 2 market analysis shows that as the...

Bitcoin DeFi Token Lombard Raises $70M+ on Buidlpad — 1038% Oversubscribed with $4.5B Valuation

COINOTAG reported on September 2 that, per an official...
spot_imgspot_imgspot_img

Related Articles

spot_imgspot_imgspot_imgspot_img

Popular Categories

spot_imgspot_imgspot_img