Venus Protocol user loses $27 million in phishing attack exploiting approved wallet permissions

Summary

A Venus Protocol user on BNB Chain lost approximately $27 million in a phishing attack after approving a malicious transaction. The attacker gained access to the user’s wallet and drained about $19.8 million in Venus USDT (vUSDT) and $7.15 million in Venus USDC (vUSDC). The incident occurred on September 2, 2025, and was reported by PeckShield and Cyvers. Venus Protocol confirmed the suspicious transaction and paused operations for investigation. Analysts indicated the attack exploited previously granted token approvals, allowing the hacker to repay the user’s debt, borrow USDC, and withdraw vTokens. The user was warned to scrutinize transactions and manage permissions carefully to avoid such losses.