Venus Protocol Recovers $13.5M After Phishing Attack

Quick Breakdown:

• Venus Protocol has recovered $13.5 million lost after a whale wallet fell victim to a phishing attack. 
• The protocol paused operations and leveraged governance powers to liquidate attacker positions, fully restoring assets and stabilizing its token XVS.
• This rare recovery highlights risks of social engineering and sparks centralized crisis management debates.

Venus Protocol successfully recovered $13.5 million stolen in a high-profile phishing attack that compromised a whale wallet, the platform confirmed on September 3. The incident exposed a critical vulnerability not in its smart contracts, but in user security, emphasizing ongoing risks from social engineering attacks in the DeFi sector.

Update: Venus Protocol has been fully restored (withdrawals and liquidations resumed) as of 9:58PM UTC. ✅

The lost funds have been recovered under Venus’ protection. ✅ https://t.co/y2uUwPqmtb

— Venus Protocol (@VenusProtocol) September 2, 2025

On September 2, a prominent Venus user unknowingly approved a malicious transaction, resulting in the loss of an estimated $13.5 million in assets, including wrapped Bitcoin (BTCB), vUSDT, vUSDC, vXRP, and vETH. Initial loss estimates were nearly double but later adjusted to account for the user’s debt position, according to security analysts.

How has Venus responded?

Venus responded immediately by halting protocol activity to freeze the attacker’s ability to move or liquidate stolen funds. This pause created a critical window for an emergency governance vote, approved by the community, to forcibly liquidate the attacker’s positions and prevent fund obfuscation or bridging.

Security firm PeckShield verified full restoration of the assets by September 3, as transactions on the BNB Chain reflected the funds returning to protocol reserves. Venus resumed normal operations later that day after completing thorough security checks.

Venus emphasized that while the protocol’s core contracts remained uncompromised, phishing attacks continue to threaten users, as attackers exploit human error through deceptive websites and pop-ups rather than targeting code vulnerabilities.

This incident serves as a stark reminder that, despite technical security, decentralized platforms must fortify social engineering defences and consider the balance between rapid crisis response and decentralization principles. Venus plans to release a detailed post-mortem report to inform the community and improve future safeguards.

Notably, in August 2025, a total of $163 million was lost to crypto hacks and exploits, marking a 15% increase from the previous month. The primary causes were private key theft, compromised signers, and social engineering, with the largest single loss being a $91.4 million Bitcoin robbery.