- The attack is one of the more noteworthy decentralised finance security incidents of this year.
- The overall losses via crypto hacks slipped to $49 million in February, the lowest monthly figure in around a year.
On March 15, Venus Protocol revealed that it has found some suspicious trading activity in its liquidity pool for the Thena (THE) token. For clarification, Venus operates as a lending and borrowing platform, and THE is the native token of the Thena DeFi platform.
Venus has appointed Allez Labs as its risk manager, which stated that the incident seems to be a supply cap attack and it unravelled in two phases. The first phase shows that the attacker gradually collected around 84% of the overall Thena token market capitalisation.
The second phase included the attacker using those holdings as collateral to borrow other assets from the platform. The borrowed assets comprised 6.67 million CAKE tokens, 1.58 million USDC, 2,801 BNB, and 20 Bitcoin, as reported by Allez Labs.
The overall value lost in the attack surpassed $3.7 million, revealed by Wu Blockchain. Only the CAKE and THE pools were directly impacted by the exploit.
The Notable Attack
Venus Protocol replied by halting all THE borrows and withdrawals quickly. The team mentioned in a statement that this will stay in effect until the investigation is taken to end. As an extra precaution, Allez Labs mentioned Venus also shut withdrawals and borrowing for various other low-liquidity tokens on the platform.
The attack is one of the more noteworthy decentralised finance security incidents of this year. The overall losses via crypto hacks slipped to $49 million in February, the lowest monthly figure in around a year, as per the blockchain security company PeckShield.
That slip in hack-associated losses was, although, accompanied by a surge in phishing and social-engineering attacks aiming at individual users.
Nominis, a blockchain intelligence platform, mentioned that a lot of individual attacks in February comprised phishing websites, malicious signature requests, and address poisoning scams made to steal private keys.
The Venus incident shows a different threat category, one aiming protocol-level mechanics instead of individual user credentials.
Highlighted Crypto News Today:
Playnance Partners With KGeN to Expand Web3 Gaming Distribution Network
Source: https://thenewscrypto.com/venus-protocol-detects-3-7m-supply-cap-attack-on-the-pool/
