Venus Protocol, a major lending platform on BNB Chain, fully restored withdrawals and liquidations after pausing activity on Tuesday to investigate a suspected exploit that drained an estimated $27 million.
The team said the pause allowed security specialists to confirm that the platform’s front end had not been compromised and to recover the lost funds through Venus’ protection mechanisms. On-chain investigators initially pointed to the protocol’s Core Pool Comptroller contract, which appeared to route vUSDC, vETH and other assets to an attacker-controlled address.
Venus announced operations resumed at 9:58 PM UTC and said a full post-mortem will be published in due course. The platform also thanked the community for support during what it called a “critical moment.”
The incident underlines ongoing risks in DeFi: malicious contract updates and governance or key-management failures can move large sums quickly. While Venus reports funds were recovered, its native token XVS was down about 2.69% over 24 hours following Tuesday’s sell-off.
What this means for users: remain cautious with large positions, verify front-end URLs, and prefer platforms with robust multisig and timelock protections. Security audits, rapid incident response and transparent post-mortems are essential for restoring user trust.
Source: CoinDesk. Read the original coverage for full details.