Venus Protocol, a DeFi lending platform on the BNB Chain, has paused operations following a phishing attack that led to a $13.5 million loss for a user. The platform clarified that the incident arose from the user granting malicious permissions, not due to vulnerabilities in their smart contracts. Security firm PeckShield initially reported a $27 million loss, later adjusting it based on the user’s debt position. This incident highlights the rising threat of phishing attacks in the DeFi sector, with over $2.17 billion lost to cybercrimes in early 2025. Venus’s governance token, XVS, dropped over 5% but has since regained some value.
Phishing Attack Exposes DeFi’s Human Vulnerability, Not Just Tech Flaws
