Venus Protocol Suffers Code‑Exploit Attack, Losses Exceed $3.7 Million
Sunday, 15 March 2026 – The Binance Smart Chain‑based lending platform announced a halt to borrowing and withdrawals of the Thena (THE) token after detecting a coordinated exploit that drained more than $3.7 million in various assets.
What happened
Venus Protocol, a decentralized finance (DeFi) lending and borrowing hub on BNB Chain, flagged “suspicious trading activity” in the liquidity pool that houses the native token of the Thena platform, THE. The abnormal activity was confined to pools involving THE and PancakeSwap’s CAKE token.
In response, the Venus team immediately paused all borrowing and withdrawal operations for THE, stating that the precaution would stay in place until the investigation is finished. The temporary freeze also extended to other low‑liquidity assets on the platform as a safeguard.
According to Allez Labs, the risk‑management partner hired by Venus, the attack followed a two‑stage “supply‑cap” strategy:
- Market‑cap accumulation – The attacker quietly amassed roughly 84 % of THE’s total market capitalization, thereby gaining a dominant position in the pool.
- Lending abuse – Using THE as collateral, the malicious actor borrowed a suite of high‑value tokens: 6.67 million CAKE, 1.58 million USDC, 2,801 BNB, and 20 BTC.
The combined value of the stolen assets now tops $3.7 million, as reported by blockchain analytics firm Wu Blockchain.
Immediate market impact
At the time of writing, THE’s price on CoinMarketCap sits around $0.2255, down more than 17 % in the past 24 hours. The price dip reflects both the loss of liquidity and heightened uncertainty surrounding the protocol’s security posture.
Broader context
The incident underscores the persistent risk of code exploits and sophisticated market‑manipulation tactics in the DeFi space. While overall crypto‑related hacks saw a decline to $49 million in February 2026—its lowest level in almost a year—attackers are increasingly shifting toward complex financial attacks that combine market manipulation with borrowing abuses, rather than relying solely on phishing or social‑engineering scams.
Analysis
- Supply‑cap attacks are gaining traction. By first inflating their holdings of a token, attackers can later leverage that concentration to trigger borrowing cascades, extracting value from multiple pools simultaneously.
- Cross‑token collateralization amplifies damage. The use of THE as collateral to secure CAKE, USDC, BNB, and BTC demonstrates how a single vulnerable asset can become a gateway to broader systemic losses.
- Liquidity management remains a weak spot. Low‑liquidity pools, such as THE on Venus, are especially attractive to exploiters because modest price moves can translate into outsized borrowing power.
Venus’s swift suspension of THE operations may limit further outflows, but the episode highlights the need for more robust on‑chain risk controls, real‑time monitoring of token concentration, and dynamic collateral‑valuation mechanisms.
Key takeaways
- Attack vector: A two‑phase supply‑cap and lending exploit targeting THE’s liquidity pool on Venus Protocol.
- Financial loss: Over $3.7 million in CAKE, USDC, BNB, and BTC extracted via the exploit.
- Immediate response: Venus paused all THE borrowing and withdrawals; additional low‑liquidity assets were temporarily frozen.
- Market reaction: THE fell more than 17 % in a single day, reflecting reduced confidence and liquidity.
- Industry implication: The event illustrates the evolving sophistication of DeFi attacks, where token accumulation precedes multi‑asset borrowing exploits.
- Future outlook: Platforms are likely to adopt tighter supply‑cap monitoring, dynamic collateral limits, and automated emergency shutdown procedures to curb similar threats.
Cointelegraph reached out to Venus Protocol for comment but did not receive a response before publication.
Source: https://cointelegraph.com/news/venus-protocol-3-7-million-supply-cap-attack?utm_source=rss_feed&utm_medium=feed&utm_campaign=rss_partner_inbound
