BNB Chain lending platform Venus Protocol resumed full operations after an exploit on Tuesday forced an emergency vote to suspend withdrawals and 1 platform confirmed later that it had restored services and recovered the $27 million worth of digital assets compromised in the 2 disruption began when Venus identified suspicious activity linked to a phishing scam, which was also flagged by several cybersecurity 3 reported by Cryptopolitan, blockchain analysts had mentioned irregular transactions in the platform’s Core Pool Comptroller contract, which routes user assets vUSDC and 4 called for an emergency vote to pause services in order to limit losses and allow security teams to assess whether the exploit compromised Venus’ 5 users were unable to withdraw or liquidate positions during the hiatus, the protocol partially restored some functionality later the same day for them to repay debt and supply funds, actions that helped them protect their positions until normal operations could 6 Protocol’s proposed plan for restoration approved Venus Protocol proposed a plan to its community to determine the immediate steps for handling the 7 four-stage plan was outlined as follows: partial restoration within five hours, recovery of stolen funds within seven hours, a full security review within 24 hours, and the eventual resumption of all services once checks were 8 ended at around 5 PM UTC, with the community voting “100% to proceed,” the protocol announced.
“We are so thankful for your support, and will proceed with the execution,” the team wrote on 9 9:58 PM UTC, Venus confirmed that the plan had been completed successfully. “Venus Protocol has been fully restored, withdrawals and liquidations 10 lost funds have been recovered under Venus’ protection,” the platform said. Update: Venus Protocol has been fully restored (withdrawals and liquidations resumed) as of 9:58PM UTC. ✅ The lost funds have been recovered under Venus' protection. ✅ 0 — Venus Protocol (@VenusProtocol) September 2, 2025 The exploit stemmed from a phishing incident that tricked a Venus user into approving a malicious transaction, which granted an attacker access to the user’s $27 million worth of digital 11 scams imitate trusted platforms with near-identical websites made to lure users into entering credentials or approving harmful 12 to Cyvers, a blockchain security firm, this particular attack was launched using a domain closely resembling a legitimate 13 small differences are, more often than not unnoticed when victims rush through approvals for token launches or 14 the user approved the transaction, their wallet was 15 explained that its quick response prevented the attacker from moving the stolen assets out of their wallet.
“Fortunately, the suspicious transaction was identified almost immediately, and Venus Protocol was 16 of this quick response, the stolen funds remain locked in the attacker’s wallet and this is why Venus is currently paused,” the platform wrote in its emergency 17 to publish full post-mortem after analysis Venus Protocol said it would publish a full post-mortem of the incident once investigations are 18 platform also thanked its users for their trust and patience during the suspension of services. “Hackers have no place on 19 you for your patience, understanding, and continued trust as we work tirelessly to protect our users, safeguard our community, and uphold the integrity of the Venus 20 community is the foundation of Venus, and we will always act in your best interest,” the team 21 attacks are still atop of the most common threats in decentralized finance, accounting for almost 20% of the $2.17 billion stolen from crypto services in 2025, according to Chainalysis’ mid-year 22 Bybit now and claim a $50 bonus in minutes
Story Tags
Latest news and analysis from Cryptopolitan
