Attackers drained $27M from Venus Protocol in a suspected smart contract hack.
- Core Pool Comptroller contract may have been tampered with
- Stolen tokens include vUSDC and vETH
- No official comment yet from Venus team
Suspected Hack Targeted Core Contract
On Tuesday, the DeFi platform Venus Protocol was exploited on the BNB Chain. An estimated $27 million worth of tokens were taken. Experts believe the attacker updated a core smart contract called the Core Pool Comptroller to a malicious address. This allowed the attacker to drain assets from the platform.
Stolen Tokens Include Major Assets
The attacker took several types of tokens. These included vUSDC and vETH. These are wrapped versions of USD Coin (USDC) and Ethereum (ETH) used on Venus. So far, the attacker has not moved or sold the stolen assets. The crypto is still sitting in a contract controlled by the attacker.
Security Teams Are Investigating
Cybersecurity experts are watching the stolen funds. It’s still not clear how the attacker will use them. The Venus community has not made an official statement. The platform may be working behind the scenes to recover the funds or patch the issue.
Venus Protocol Plays Big Role in BNB Chain
Venus acts as a lending and borrowing platform. Users deposit crypto to earn interest or lock up assets to borrow other tokens. The platform’s token, XVS, is used for voting and rewards. At its highest point, Venus held over $7 billion in total value. That makes it one of the top DeFi apps on the BNB Chain.
What’s Next for Venus?
It’s not yet clear how the exploit will affect the Venus Protocol long-term. The stolen assets have not been fully moved or swapped. This leaves some hope for possible action by security teams. More updates are expected as the investigation continues.
Source: coindesk.com
