In a major security breach, Venus Protocol, a decentralized lending platform operating on the BNB Chain, has reportedly been exploited for approximately $2 million.
The alarm was raised by blockchain security firm GoPlus Security, among others, which noted suspicious activity involving a significant amount of stolen vTokens, including vUSDT.
The exploit appears to have stemmed from a combination of Maximum Extractable Value (MEV) bot activity and vulnerabilities in the platform’s permission management system.
The incident is still under investigation, with more technical details expected to emerge as the analysis continues.
GoPlus Identifies Smart Contract Weaknesses Linked to Attack
GoPlus Security traced the breach to specific smart contracts on Binance Smart Chain (BSC), namely contracts whose addresses begin with 0xb5cbe1b0 and 0xb5cbcc19c.
These contracts were reportedly exploited by the attacker, who leveraged the flaws to extract vTokens.
The suspected mechanism behind the exploit includes the unauthorized use of permissioned functions, likely enabled by weak or compromised access control.
MEV-related strategies may have also played a role, pointing to the growing sophistication of blockchain-based financial attacks.
GoPlus emphasized that further analysis will be released to better understand the exploit path and vulnerabilities used.
CertiK Confirms Exploit Through Suspicious Transaction Patterns
Blockchain auditing firm CertiK also flagged the incident, identifying a known attacker address (0xd5c6f…) that repeatedly executed a function named printMoney() via a malicious smart contract.
The function allowed the attacker to drain funds from an unverified victim address (0xb5cb0), which had previously authorized the malicious contract.
CertiK’s analysis suggests that the victim’s private key may have been compromised or phished, granting the attacker the ability to transfer tokens at will.
The recent breach highlights the risks of compromised credentials in DeFi, where contract authorizations can become critical security liabilities.
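The authorization risk CertiK describes can be audited from event logs. The following is an added example, not code from Venus, CertiK or GoPlus: it assumes the authorization was a standard ERC-20/BEP-20 approve() and replays Approval logs (in the shape eth_getLogs returns) to list allowances a wallet still has outstanding to spenders outside a trusted list. All addresses and log entries are constructed placeholders.

```python
# Added example. Assumption: the authorization was a standard ERC-20/BEP-20 approve().
# keccak256("Approval(address,address,uint256)")
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**255  # heuristic threshold for "effectively unlimited"

def _addr(topic):
    """Last 20 bytes of a 32-byte indexed topic, as a lowercase address."""
    return "0x" + topic[-40:].lower()

def live_allowances(logs, owner):
    """Replay Approval logs in chain order; return {(token, spender): amount} still non-zero."""
    owner, state = owner.lower(), {}
    for log in sorted(logs, key=lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16))):
        t = log["topics"]
        # ERC-721 Approval shares topic0 but has 4 topics; skip it.
        if len(t) != 3 or t[0].lower() != APPROVAL_TOPIC or _addr(t[1]) != owner:
            continue
        key = (log["address"].lower(), _addr(t[2]))
        amount = int(log["data"], 16)
        if amount == 0:
            state.pop(key, None)  # approve(spender, 0) revokes
        else:
            state[key] = amount   # a later approve() overwrites the earlier value
    return state

def flag_risky(allowances, trusted_spenders):
    """Return (token, spender, amount) for live allowances to spenders not on the trusted list."""
    trusted = {s.lower() for s in trusted_spenders}
    return sorted((tok, sp, "unlimited" if amt >= UNLIMITED else amt)
                  for (tok, sp), amt in allowances.items() if sp not in trusted)

# Constructed sample data (placeholder addresses, not from the incident).
OWNER, OTHER = "0x" + "aa" * 20, "0x" + "dd" * 20
TOKEN, KNOWN, UNKNOWN = "0x" + "11" * 20, "0x" + "cc" * 20, "0x" + "bb" * 20

def _log(block, owner, spender, amount):
    pad = lambda a: "0x" + "00" * 12 + a[2:]
    return {"address": TOKEN, "blockNumber": hex(block), "logIndex": "0x0",
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(amount, "064x")}

SAMPLE_LOGS = [
    _log(18, OWNER, KNOWN, 0),             # later revocation, listed out of order
    _log(16, OWNER, KNOWN, 1000),
    _log(17, OWNER, UNKNOWN, 2**256 - 1),  # unlimited approval to an unknown contract
    _log(17, OTHER, UNKNOWN, 5),           # different owner, ignored
]

if __name__ == "__main__":
    for row in flag_risky(live_allowances(SAMPLE_LOGS, OWNER), trusted_spenders=[KNOWN]):
        print(row)
```

Approval logs record the last approved value, not what remains after transferFrom spends, so confirm each flagged entry with the token's allowance(owner, spender) before revoking.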
Attacker Redeems Tokens and Moves Stolen Assets
After executing the exploit, the attacker swiftly converted the stolen vTokens into BNB and stablecoins, effectively laundering the stolen funds.
CertiK reported that the attacker is currently holding around $1.96 million in various assets, which remain traceable on-chain at address 0xd5c6….E56A122c.
The rapid asset conversion indicates an effort to avoid detection and complicate potential recovery efforts.
It also reflects a broader trend in DeFi exploits, where attackers quickly swap derivatives and tokens to preserve liquidity and obfuscate their trails.
Broader Context: Rising Wave of DeFi and Exchange Exploits in 2025
The Venus Protocol hack is the latest in a growing list of DeFi and exchange security breaches in 2025.
Iran’s largest exchange, Nobitex, recently lost $90 million in a suspected state-sponsored cyberattack, reportedly from Israeli-linked hackers.
Similarly, Nervos Network lost over $3 million in a cross-chain bridge exploit, with attackers funneling funds through Tornado Cash to erase traces.
Taiwan-based BitoPro was also hit with an $11.5 million loss in May, while Cork Protocol suffered a potential $12 million smart contract breach.
These attacks underscore a persistent and escalating threat to blockchain platforms and reinforce the urgent need for upgraded cybersecurity protocols and better user education across the DeFi space.

