Venus Protocol Phishing Attack Sees $13.5M Fund Recovery

The Venus Protocol phishing attack, which resulted in the loss of approximately $13.5 million, has taken a dramatic turn. In the latest development, the BNB Chain-linked lending platform announced that it has recovered the stolen assets, sparking optimism.

While this Venus Protocol phishing attack highlights the growing vulnerability of cryptocurrencies, the firm’s move underscores the need for swift action in the face of cyber threats.

Recovers Stolen Funds

Earlier today, the BNB Chain lending platform took to X to reveal the complete restoration of the $13.5 million funds stolen in a recent phishing scam. The X post read,

“Update: Venus Protocol has been fully restored (withdrawals and liquidations resumed) as of 9:58 PM UTC. The lost funds have been recovered under Venus' protection.”

Notably, the Venus Protocol phishing attack on September 2 led to a massive loss of $13.5M. Hackers targeted assets like wrapped Bitcoin (BTCB), vUSDT, vUSDC, vXRP, and vETH.

Though security firms initially estimated that about $27 million was lost in the hack, the team later clarified that only $13.5 million was stolen. This incident highlights the risks of social engineering in DeFi, as it was a user-level compromise rather than a breach of Venus' smart contracts.

Immediately after the Venus Protocol phishing attack, the platform paused its operations. This helped to halt the attacker from moving the funds and allowed time for an emergency governance vote to be initiated.

Soon, the firm announced the partial restoration of the stolen tokens, enabling users to take proactive measures to manage their positions. The team allowed them to repay debt or add funds to avoid liquidation.

Social Engineering Scams Rise

This incident comes amid increasing social engineering scams. Recently, scammers have been targeting Binance users by posing as service agents to trick users into providing access to sensitive credentials. A Binance user lost about $91 million in crypto via a similar attack.

These social engineering scams continue to exist, with exchanges like Binance repeatedly warning their users against such tricks. As Coin Gabbar reported, Binance CEO Richard Teng drew the community’s attention to the growing cases where fraudsters dupe as the support team and trick users into changing their API settings. He wrote,

“Ring, ring! Could be a scam. We've seen a new scam: fake support calls trying to get you to change your API. Remember, we'll never ask for your passwords or credentials over the phone.”