Altcoin Developers Release Expected Report on Major Hacking Incident – Here Are the Details

DeFi lending platform Venus Protocol recovered user funds with rapid response following a security incident on September 2, 2025.

The loss, initially reported as $27 million in PeckShield's report, was later adjusted to $13.5 million after the user's debt position was taken into account.

According to Venus, a user's wallet was compromised in a phishing attack. The attackers were found to have installed a malicious Zoom client on the user's computer, gaining authorization and tricking the user into approving transactions that made them the authorized representative of Venus's account. Using this method, the attacker then made loans and withdrawals on behalf of the victim.

Just 20 minutes after the suspicious transaction was detected by security firms Hexagate and Hypernative, the Venus team paused the protocol. After approximately 13 hours of work, the stolen funds were recovered and the platform was back up and running at full capacity.

Venus implemented an “emergency voting” mechanism to protect users throughout the process. Partial activity was initiated within the first five hours, and the attacker's wallet was forced into liquidation in the seventh hour. A comprehensive security review was completed within 24 hours.

The company maintained that there were no security vulnerabilities in the platform's front-end and that Venus Protocol was completely secure. It also stated that measures were taken to prevent user liquidation during the pause, and that no liquidation occurred in the BNB Core Pool during this period.

Venus Protocol made the following statement following the incident:

Fund security is our top priority. This attack was not caused by our protocol, but by malware installed on a user's device. Thanks to our swift actions, we recovered both user funds and confirmed the security of the entire protocol.