Venus Protocol, a lending protocol on BNB Chain, suffered a carefully planned supply cap exploit on March 16. The attacker spent 9 months gradually building a position, manipulated the price of the THE token, and triggered a series of liquidations, ultimately extracting about $5.07 million in assets and leaving $2.15 million in bad debt.
On March 16, Venus Protocol, a leading lending protocol on BNB Chain, was subjected to a meticulously planned attack that lasted nine months. After obtaining funds via Tornado Cash, the hacker manipulated the low-liquidity THE (Thena native token) price, triggering a chain of liquidations, resulting in approximately $2.15 million in bad debt for the protocol. The hacker then withdrew about $5.07 million in assets, with potential profits even higher.
Attack Timeline: 9 months lurking, 40 minutes harvesting
A wallet address, “0x7a7,” which received 7,447 ETH (about $16.29 million) from Tornado Cash, has been identified by on-chain researchers as the mastermind behind the attack.
The attack was carried out in two phases:
- Long-term lurking (starting June 2025): The attacker used normal deposit processes to slowly accumulate THE tokens on Venus, eventually holding 84% of the protocol’s supply cap (about 12.2 million tokens).
- The day of the attack (about 40 minutes): Using ETH as collateral on Aave, the attacker borrowed $9.92 million in stablecoins and heavily accumulated THE tokens on centralized exchanges, likely to pump the spot price; at the same time, they transferred 36.1 million THE tokens into the protocol contract, instantly increasing on-chain supply.
Then a recursive loop began: deposit THE → borrow other assets → use the borrowed assets to buy more THE on-chain → wait out the TWAP oracle delay as the reported price passively rises → repeat.
During this process, THE spot price surged from $0.263 to $0.563, more than doubling. About 40 minutes later, the price collapsed to $0.22, triggering a chain of liquidations.
Results: $5.07 million withdrawn, $2.15 million in bad debt
The attacker ultimately borrowed and withdrew:
- 2,172 BNB
- 151,600 CAKE
- 20 BTC
Venus incurred bad debt consisting of approximately 1.18 million CAKE and 1.84 million THE tokens, totaling about $2.15 million. On-chain researchers noted that the attacker’s short positions on THE on centralized exchanges could have yielded additional profits, meaning actual gains might be much higher than the on-chain figures.
This technique is a “supply cap donation attack”: according to CoinTelegraph, it is a known vulnerability that bypasses the supply cap in Compound-fork protocols. As a fork of Compound, Venus inherits this attack surface.
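From the defender's side, the cap bypass described above shows up as underlying tokens arriving in a market without a matching mint. The monitor below is an added example, not code from Venus or from the article. It assumes a simplified Compound-v2-style accounting model (cash is the market's raw token balance, and the cap is checked only on the mint path), and it uses hypothetical names, constructed snapshots built from the article's 12.2 million and 36.1 million THE figures, and an assumed cap of 14.5 million.

```python
from dataclasses import dataclass

@dataclass
class Snapshot:
    cash: int          # underlying.balanceOf(market); direct transfers land here too
    borrows: int       # total underlying currently borrowed
    reserves: int      # protocol reserves, not owned by suppliers
    minted: int = 0    # underlying that entered through mint() since the last snapshot
    repaid: int = 0    # underlying returned through repayBorrow()
    redeemed: int = 0  # underlying withdrawn through redeem()
    borrowed: int = 0  # underlying taken out through borrow()

def supplied_underlying(s):
    # What vToken holders collectively own: totalSupply * exchangeRate
    # in the assumed model, which equals cash + borrows - reserves.
    return s.cash + s.borrows - s.reserves

def unaccounted_inflow(prev, cur):
    # Cash movement that no protocol entry point explains (a "donation").
    expected = prev.cash + cur.minted + cur.repaid - cur.redeemed - cur.borrowed
    return cur.cash - expected

def check_market(prev, cur, supply_cap, tolerance=1):
    alerts = []
    donated = unaccounted_inflow(prev, cur)
    if donated > tolerance:
        alerts.append(("UNACCOUNTED_INFLOW", donated))
    # The mint path enforces the cap; this re-checks it against the real balance.
    over = supplied_underlying(cur) - supply_cap
    if over > 0:
        alerts.append(("CAP_EXCEEDED", over))
    return alerts

# Constructed sample data (token units), assumed cap of 14.5 million.
CAP = 14_500_000
PREV = Snapshot(cash=12_200_000, borrows=0, reserves=0)
NORMAL = Snapshot(cash=12_700_000, borrows=0, reserves=0, minted=500_000)
DONATED = Snapshot(cash=48_300_000, borrows=0, reserves=0)  # +36.1M, no mint

if __name__ == "__main__":
    print("normal :", check_market(PREV, NORMAL, CAP))
    print("donated:", check_market(PREV, DONATED, CAP))
```

In a live deployment the snapshot fields would come from the market contract's state and its event logs; a non-zero residual on a thinly traded collateral asset is the signal worth paging on before the oracle price catches up.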
Venus Emergency Response: 7 markets’ collateral factors set to zero
“Venus is committed to transparency, and a full report will be published after the investigation.” — Venus Protocol official statement
Venus announced that, in addition to previously suspending THE borrowing and withdrawals, it has now set the collateral factors of the following 7 markets to 0 as a precaution against markets with disproportionately high collateral holdings:
- BCH, LTC, UNI, AAVE, FIL, TWT, lisUSD
The protocol emphasizes that all other markets remain unaffected and continue normal operation. A comprehensive post-incident report will be released after the investigation concludes.
This incident highlights the structural risks in DeFi lending protocols when low-liquidity tokens and TWAP oracle delays are combined — if attackers have enough time and capital to slowly build positions, traditional supply cap protections become ineffective.