On September 2, 2025, the DeFi platform Venus Protocol reported the recovery of user funds following a security incident that led to a loss of $13.5 million.
The Security Incident and Its Consequences
According to PeckShield’s report, the initial loss was estimated at $27 million. However, after accounting for the user’s debt position, the figure was adjusted to $13.5 million. It was noted that the user’s wallet was compromised in a phishing attack during which the attackers installed a malicious Zoom client on the user's computer, gaining access to the wallet and tricking the user into approving transactions that allowed them to become the authorized representative of the Venus account.
Measures Taken by Venus Protocol
Twenty minutes after suspicious transactions were detected, the Venus team paused the protocol. After approximately 13 hours of work, the stolen funds were recovered and the platform was back up and running at full capacity. Venus also implemented an 'emergency voting' mechanism to protect users throughout the process.
Company Statement and Outcomes
The company confirmed that there were no security vulnerabilities in the front-end of the platform and that Venus Protocol remains completely secure. Measures were taken to prevent user liquidation during the pause, and no liquidations occurred in the BNB Core Pool during this period. Venus Protocol stated: 'Fund security is our top priority. This attack was not caused by our protocol, but by malware installed on a user's device. Thanks to our swift actions, we recovered both user funds and confirmed the security of the entire protocol.'
The security incident at Venus Protocol highlights the importance of protecting personal data and funds on financial platforms. The platform demonstrated promptness in recovering funds and strengthened security measures.
