Venus Protocol Hit by $3.7M Flash Loan Attack on BNB Chain
Decentralized lending platform Venus Protocol has reportedly suffered a suspected flash-loan attack on its Core Pool on BNB Chain, leading to losses of more than $3.7 million.
On-chain data shows the attacker manipulated supply caps using the Thena (THE) token, allowing them to borrow multiple assets from the protocol.
How the Venus Protocol Attack Happened?
According to blockchain data, the attacker used an address starting with 0x1a35…6231 to exploit the system. The strategy began months earlier, when the attacker slowly accumulated around 84% of the THE supply cap (14.5M tokens) over nine months starting in June 2025.
The real exploit occurred when the attacker bypassed the normal deposit process by directly transferring tokens to the protocol contract.
This allowed them to exceed the supply cap and build a massive 53.2 million THE collateral position, which was nearly 3.7 times the allowed limit.
Borrowing and Price Manipulation
Using the inflated collateral, the attacker began borrowing large amounts of assets, including:
Around 20 BTC in wrapped BitcoinAbout 1.5 million CAKE tokensNearly 200 BNB1.58 million USDC
To maximize the exploit, the attacker repeatedly followed a loop strategy: deposit THE, borrow assets, buy more THE, and wait for the TWAP oracle price update to increase the collateral valuation.
This pushed the price of THE from around $0.263 to nearly $0.563 before the market eventually collapsed to about $0.22 during liquidation.
Venus Protocol Responds
Following the incident, the team behind Venus Protocol announced precautionary measures. Borrowing and withdrawals of THE have been temporarily paused, along with several markets that showed high liquidity concentration, including BCH, LTC, UNI, AAVE, FIL, and TWT.
The protocol confirmed that all other markets remain operational and unaffected while the investigation continues.
The team also stated it will release a detailed report once the full analysis of the exploit is completed.
Trust with CoinPedia:
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
Investment Disclaimer:
All opinions and insights shared represent the author’s own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored and Advertisements:
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
