DeFi lender resumes operations, reassures users after halting withdrawals and liquidations
Venus Protocol, a leading lending platform on the BNB Chain, has restored its services after a $27 million exploit briefly disrupted operations earlier this week. The recovery follows a temporary suspension of withdrawals and liquidations as the team investigated a malicious contract update that siphoned millions in assets.
Exploit and immediate response
On Tuesday, on-chain analysts flagged suspicious activity linked to Venus’ Core Pool Comptroller contract, which appeared to reroute assets such as vUSDC and vETH to an attacker’s wallet. The incident prompted Venus to pause withdrawals and liquidations, a move aimed at containing the breach and ensuring no further compromise of user funds.
In an update on Wednesday, the team confirmed that the $27 million drained had been recovered, and that the platform’s front end and user balances remained uncompromised. The suspension allowed security partners to perform thorough checks before the system was brought back online.
Despite the swift response and recovery, Venus’ native token XVS remained under pressure. Over the past 24 hours, XVS was down 2.69%, extending losses from a broader sell-off on Tuesday. Traders appear cautious, awaiting the full findings of the platform’s investigation.
Official statement and next steps
Venus expressed gratitude to its community, stating that the recovery marked a “critical moment” for the protocol. The team also committed to publishing a comprehensive post-mortem report, which will detail how the malicious contract update was introduced, the timeline of events, and the security measures being reinforced to prevent future exploits.
A spokesperson emphasized: “All user funds are safe, and the exploit has been fully contained. We remain committed to transparency and will continue to strengthen security partnerships to safeguard the platform.”
Growing risks in DeFi
The Venus incident highlights the ongoing security challenges in decentralized finance (DeFi), where billions in value are locked across lending, trading, and staking protocols. While platforms like Venus often employ external audits and monitoring, attackers continue to exploit smart contract vulnerabilities and governance loopholes.
According to industry data, DeFi exploits have already accounted for hundreds of millions in losses globally in 2025, underscoring the importance of robust security frameworks.
With services restored and stolen assets recovered, Venus aims to rebuild user confidence and stabilize activity on its lending pools. The upcoming post-mortem will be closely watched by both the community and security experts as a test case in how DeFi protocols respond to high-profile exploits.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.