Introduction: Rising Risks in DeFi
A DeFi trader became a victim of a phishing attack that cost him $13.5 million in crypto assets, according to blockchain security firm PeckShield.
The user, operating on the Venus Protocol lending platform, inadvertently consented to a malicious transaction that allowed attackers to remove stablecoins and double-wrapped assets from their wallet.
PeckShield initially estimated losses at $27 million, later revising the figure as it did not offset user debts.
How the Phishing Scam Worked
Phishing attacks trick victims into giving harmful permissions or revealing sensitive information to malicious actors. In this case, the user approved a malicious transaction, granting attackers access to funds.
Key lesson: Always exercise caution when trading or interacting with smart contracts in DeFi.
Also Read : Global Regulators Clash with SEC Over Tokenized Stocks
Venus Protocol Responds: Platform Remains Secure
According to the protocol’s official X (fka Twitter) account, Venus Protocol smart contracts were not hacked. While user error caused the loss, operations were paused to conduct security reviews.
“At the moment, yes, that seems to be the case. We will keep everyone updated as we investigate,” the team stated.
September Sees Surge in Crypto Exploits
The phishing attack is part of a broader trend of crypto scams, reports Cointelegraph.
- A phishing wallet exploit targeted WLFI governance token holders.
- Bunni decentralized exchange paused smart contracts after an Ethereum exploit caused $2.3 million in losses, according to BlockSec Phalcon.
After a costly August—when hackers drained over $163 million across 16 attacks—cybercriminal activity continues to rise. As crypto prices rally, security exploits tend to spike, according to Kronos Research CEO Hank Huang.
Key Takeaways for DeFi Traders
- Always verify transactions and permissions in your wallet.
- Use hardware wallets and secure authentication methods.
- Monitor alerts and platform halts related to security.
The Venus Protocol incident did not reveal bugs in the platform’s code. Nonetheless, it underscores ongoing risks in decentralized finance and highlights the importance of personal security measures when trading crypto.
