Venus Protocol, a prominent decentralized lending and borrowing platform, has suffered a significant security breach, resulting in a $3.7 million loss.
Venus Protocol announced on Sunday that it had detected suspicious trading activity in the liquidity pool for the Thena (THE) token, the native cryptocurrency of the Thena decentralized finance platform. The unusual activity primarily affected pools for the Cake (CAKE) token, the native cryptocurrency of PancakeSwap, and the Thena token itself. In response, the Venus team swiftly took action by pausing all THE borrows and withdrawals, effective immediately, to prevent further misuse. This precautionary measure will remain in place until the investigation is concluded.
The attack is suspected to be a supply cap attack, executed in two phases. According to Allez Labs, Venus Protocol’s risk manager, the attacker first accumulated about 84% of the total THE token market cap, followed by a lending attack. The exploiter used the Theta token as collateral to borrow a substantial amount of CAKE, USDC, BNB, and Bitcoin. The total amount borrowed included 6.67 million CAKE tokens, 1.58 million USDC, 2,801 BNB, and 20 Bitcoin.
Out of caution, Venus Protocol also halted withdrawals and borrowing for other tokens with low liquidity on the platform. The incident has had a significant impact on the THE token, which saw its price drop by more than 17% in the last 24 hours, trading at $0.2255 per token at the time of publication.
This attack highlights the ongoing cybersecurity and code exploit threats faced by crypto users and decentralized finance platforms. As the sector continues to grow, security threats that cause financial loss are becoming increasingly sophisticated. Despite the reduction in the total value lost to hacks and code exploits during February, there has been an uptick in phishing and social engineering scams, targeting private users through malicious signatures and address poisoning.
The incident underscores the need for enhanced security measures and robust risk management practices in the decentralized finance ecosystem. As the industry evolves, platform developers and users must remain vigilant to mitigate the risks associated with these sophisticated attacks.
About the Author
