
Venus Protocol Hit by $3.7M Flash Loan Attack on BNB Chain DeFi Platform


Venus Protocol, a decentralized finance (DeFi) lending platform on BNB Chain, confirmed a $3.7 million exploit on March 15, 2026. Suspicious trading activity was detected in the liquidity pool of the Thena (THE) token, the native cryptocurrency of the Thena decentralized finance platform.  

The unusual trading activity only affected pools for the Cake token, the native cryptocurrency of the PancakeSwap decentralized exchange, and the Thena token. It allowed the attackers to borrow multiple assets from the protocol. 

How did the attack happen? 

According to blockchain data, the attacker used an address to exploit the system. The attacker had begun the activity months earlier with a slow accumulation of approximately 84% of the supply cap, which is around $14.5 million in tokens. This activity was observed over a period of nine months, starting in June 2025.

The actual exploit took place when the attacker bypassed the normal deposit process and transferred the tokens directly to the protocol contract. This enabled them to exceed the supply cap and build a massive 53.2 million THE collateral position, nearly 3.7 times the allowed limit. With that collateral, the attacker borrowed 6.67 million CAKE tokens, 1.58 million USDC, 2801 BNB (the native token of BNB Chain), and 20 Bitcoin (BTC).

Allez Labs stated that, out of caution, it has temporarily halted borrowing and withdrawals for other tokens with low liquidity on the platform. THE's price was pushed from around $0.263 to nearly $0.563, before the market collapsed to $0.22 during liquidation.

Exploiting A Key Vulnerability 

The attackers exploited a known vulnerability in DeFi lending protocols that involves supply caps and oracle manipulation. They bypassed the supply cap through a donation mechanism, transferring THE tokens directly into the vTHE contract. This inflated the exchange rate and let the attacker borrow against a falsely elevated collateral value.
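
The donation path described above, as a simplified model added here (not Venus Protocol's contract code): it assumes a Compound-style market whose exchange rate is derived from the contract's raw token balance and whose supply cap is checked only in `mint()`, and contrasts that with internal cash accounting. All names and numbers are constructed, and borrows and reserves are left out of the exchange rate.

```python
from dataclasses import dataclass

@dataclass
class Market:
    """Toy lending market; assumed accounting, not the protocol's real code."""
    supply_cap: float            # maximum underlying accepted through mint()
    tracked_cash: bool           # True = hardened variant (internal accounting)
    token_balance: float = 0.0   # what underlying.balanceOf(market) would return
    internal_cash: float = 0.0   # changed only by the market's own entry points
    shares: float = 0.0          # total supply of the market's receipt token

    def cash(self) -> float:
        return self.internal_cash if self.tracked_cash else self.token_balance

    def exchange_rate(self) -> float:
        return self.cash() / self.shares if self.shares else 1.0

    def mint(self, amount: float) -> float:
        # The supply cap is enforced on this path only.
        if self.cash() + amount > self.supply_cap:
            raise ValueError("supply cap exceeded")
        minted = amount / self.exchange_rate()
        self.token_balance += amount
        self.internal_cash += amount
        self.shares += minted
        return minted

    def donate(self, amount: float) -> None:
        # A plain token transfer to the market address: no market code runs,
        # so no cap check happens and internal_cash is not updated.
        self.token_balance += amount

    def collateral_underlying(self, holder_shares: float) -> float:
        return holder_shares * self.exchange_rate()

def cap_breached(m: Market) -> bool:
    """Monitoring check: underlying redeemable by share holders vs. the cap."""
    return m.shares * m.exchange_rate() > m.supply_cap

def run(tracked_cash: bool):
    m = Market(supply_cap=100.0, tracked_cash=tracked_cash)
    held = m.mint(84.0)    # constructed: position built below the cap
    m.donate(286.0)        # constructed: direct transfer that skips mint()
    return m.collateral_underlying(held), cap_breached(m)

if __name__ == "__main__":
    print("balance-based cash:", run(False))
    print("internally tracked cash:", run(True))
```

With balance-based cash the same 84 shares are valued at 3.7 times the cap after the transfer; with internally tracked cash the donated tokens do not change the exchange rate or the collateral value.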

Venus Protocol acknowledged the incident and stated that it has started an investigation. It also announced precautionary measures: borrowing and withdrawals of THE have been temporarily paused, along with numerous markets that indicated high liquidity concentration, including BCH, LTC, UNI, AAVE, FIL, and TWT.

The protocol also confirmed that all other markets remain operational and unaffected while the investigation continues.

Venus Protocol’s Response

Following the exploit, Venus Protocol took immediate precautionary measures. Borrowing and withdrawals for THE tokens were temporarily halted, alongside markets with high liquidity concentration, including BCH, LTC, UNI, AAVE, FIL, and TWT. The platform confirmed that all other markets remained operational, minimizing disruption for unaffected users.

Venus Protocol also launched a thorough investigation to identify the exploit’s root cause. The team emphasized that understanding how the attacker bypassed existing safeguards is critical for implementing more robust protective measures and preventing similar attacks in the future.

DeFi Security Threats in 2026

The Venus Protocol exploit comes amid a broader rise in DeFi attacks. By early 2026, total losses in DeFi hacks reached approximately $86 million in January alone, spanning sixteen major platform breaches. One social engineering attack on a hardware wallet accounted for an additional $282 million in losses, underscoring that vulnerabilities extend beyond smart contracts into user behavior and ecosystem management.

Attackers increasingly employ AI-driven tools to scan for unpatched or overlooked code in established protocols, automating vulnerability detection and maximizing impact. Phishing campaigns have also evolved, using near-identical domain names and embedded malware to steal private keys or sensitive credentials. These trends illustrate that DeFi attacks are now a combination of technological and social exploits, requiring a multi-layered approach to security.

Final Thoughts 

The Venus Protocol attack has awakened the industry and pointed out the long-standing risks in DeFi, many of which were thought to have been resolved. This has also pushed platforms to adopt more sophisticated risk management across the BNB Chain and the broader DeFi ecosystem.