Venus Protocol Pauses After $13.5M Phishing Loss
DeFi platform Venus Protocol has paused its smart contract following a targeted phishing scam that cost a user $13.5 million. Security firm PeckShield initially reported a $27 million loss but revised the figure after accounting for the wallet’s debt position. The scam tricked the victim into approving a malicious transaction, granting attackers full control over the wallet’s assets. Venus Protocol responded by halting operations to prevent further fund draining. The team has opened an investigation and is working directly with the victim to recover the assets. Liquidations for other users are also paused to avoid forced sales. While no smart contract vulnerability was exploited, the move underscores the rising threat of phishing scams in DeFi. Pausing a contract is controversial; supporters say it protects users, critics argue it undermines decentralisation. Between May 2021 and August 2024, phishing attacks drained $2.7 billion from DeFi wallets. Traders should monitor the protocol’s recovery efforts and consider the broader implications for DeFi security.
Neutral
In the short term, the smart contract pause introduces uncertainty around Venus Protocol’s token liquidity and operation timeline. Traders may reduce positions pending clarity on fund recovery. However, because no protocol-level exploit occurred and assets could be recovered, confidence in Venus Protocol may improve if the team successfully restores funds. Historically, DeFi hacks that led to permanent losses (for example, major exploits on other chains) triggered bearish reactions. This incident differs because it involves user error and a preventive response, limiting fallout. In the long term, the proactive measure could set a positive precedent for crisis management in DeFi. Yet repeated pauses may raise centralisation concerns, affecting investor trust. Overall, the impact on the broader market is neutral, highlighting security risks without undermining sector fundamentals.