{"id":9612,"date":"2025-09-03T06:08:02","date_gmt":"2025-09-03T06:08:02","guid":{"rendered":"https:\/\/bitunikey.com\/news\/venus-protocol-recovers-13-5m-lost-in-phishing-attack\/"},"modified":"2025-09-03T06:08:08","modified_gmt":"2025-09-03T06:08:08","slug":"venus-protocol-recovers-13-5m-lost-in-phishing-attack","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/venus-protocol-recovers-13-5m-lost-in-phishing-attack\/","title":{"rendered":"Venus Protocol recovers $13.5M lost in phishing attack"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Venus Protocol has recovered funds lost in a phishing attack after swift intervention involving a governance vote.<\/p>\n<div id=\"cn-block-summary-block_521be0685ec2c0c26208a50cc8d00847\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>A Venus Protocol whale wallet was drained in a phishing attack which led to an estimated $13.5 million loss<\/li>\n<li>Venus paused the protocol and used governance powers to liquidate the attacker\u2019s positions.<\/li>\n<li>The recovery steadied XVS price, but raised questions about decentralization in crisis management.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>Venus Protocol, one of the largest lending platforms on BNB (BNB) Chain, has recovered around $13.5 million lost in a phishing incident. The <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/venusprotocol\/status\/1963017766098907282?s=46&amp;t=nznXkss3debX8JIhNzHmzw\" target=\"_blank\">update<\/a> was shared by the platform on Sept. 3, confirming the assets had been fully restored.<\/p>\n<h2 class=\"wp-block-heading\">Whale wallet compromised<\/h2>\n<p>On Sept. 2, a high-value Venus user lost control of assets worth around $13.5 million after approving a malicious transaction. Security firms initially estimated losses of up to $27 million, but they later modified these figures to take the user\u2019s debt position into consideration.\u00a0<\/p>\n<p>Among the stolen assets were wrapped Bitcoin (BTCB), vUSDT, vUSDC, vXRP, and vETH. Notably, this was a user-level compromise rather than a breach of Venus\u2019 smart contracts, demonstrating the ongoing risk of social engineering even in DeFi.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h2 class=\"wp-block-heading\">Swift response and recovery<\/h2>\n<p>In order to prevent the attacker from moving funds or closing positions, Venus instantly paused the protocol. The pause stopped the exploiter\u2019s activity and bought time for an emergency governance vote.<\/p>\n<p>By approving the forced liquidation of the attacker\u2019s holdings, the community was able to secure the stolen assets before they could be mixed or bridged.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Update: Venus Protocol has been fully restored (withdrawals and liquidations resumed) as of 9:58PM UTC. \u2705<\/p>\n<p>The lost funds have been recovered under Venus&#8217; protection. \u2705 <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/t.co\/y2uUwPqmtb\">https:\/\/t.co\/y2uUwPqmtb<\/a><\/p>\n<p>\u2014 Venus Protocol (@VenusProtocol) <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/VenusProtocol\/status\/1963017766098907282?ref_src=twsrc%5Etfw\" target=\"_blank\">September 2, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n<p>By Sept. 3, security firm PeckShield confirmed that the funds had been restored. Transactions on BNB Chain show the recovery in action, with assets returned to protocol reserves. Venus announced full resumption of operations at 9:58 PM UTC after completing security checks.<\/p>\n<h2 class=\"wp-block-heading\">Market and community reaction<\/h2>\n<p>XVS, Venus\u2019s governance token, initially dropped nearly 10% on the news, with a surge in trading volume as users rushed to assess the damage. After the recovery efforts were confirmed, the token stabilized, showing renewed confidence.\u00a0<\/p>\n<p>The result, which is a rare complete recovery of stolen funds, was made possible by Venus\u2019s emergency tools. However, it has spurred debate about centralization in DeFi because multisig intervention was required to stop the protocol and force liquidations.<\/p>\n<p>Venus said it will release a detailed post-mortem, but emphasized that the protocol itself remained secure.<\/p>\n<p>Phishing attacks have become common in the crypto industry. As opposed to protocol exploits, social engineering relies on user error and avoids code audits, typically through malicious pop-ups or spoof websites.\u00a0<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Venus Protocol has recovered funds lost in a phishing attack after swift intervention involving a governance vote. Summary A Venus Protocol whale wallet was drained in a phishing attack which&hellip;<\/p>\n","protected":false},"author":1,"featured_media":4443,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-9612","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/9612","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=9612"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/9612\/revisions"}],"predecessor-version":[{"id":9613,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/9612\/revisions\/9613"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/4443"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=9612"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=9612"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=9612"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}