Venus Protocol Moves to Reinforce Lending Safeguards After $3.7 Million Token Manipulation Exploit

Venus Protocol has tightened its collateral requirements and frozen several lending markets after a price manipulation exploit involving the low-liquidity THE token drained roughly $3.7 million in digital assets. The move highlights persistent structural risks in decentralized lending platforms, particularly those derived from early DeFi architectures.

The incident unfolded when an attacker engineered a sharp price spike in THE, a token associated with the THENA ecosystem, and used the inflated valuation to extract loans from Venus. Blockchain analysts tracking the exploit reported that the attacker accumulated a significant position in THE before aggressively pushing its price from roughly $0.27 to nearly $5 within a short window.

Once the price surge was established, the manipulated token holdings were used as collateral. With the artificially inflated assets backing the position, the attacker borrowed multiple cryptocurrencies from the platform, including approximately 20 BTCB, about 1.5 million CAKE tokens, and around 200 BNB. When the market inevitably corrected and THE collapsed back near $0.24, the position triggered liquidation events that exposed the protocol to millions of dollars in losses.

Security researchers say the attack relied on a structural weakness common in lending platforms built on Compound-derived code. Instead of depositing the token through the standard minting process, the attacker transferred THE directly into the vTHE contract. That maneuver allowed the position to bypass Venus’s supply cap controls, enabling a much larger collateral position than the system intended to permit.

Further investigation revealed that the address used in the exploit had received roughly 7,400 ETH through the crypto mixer Tornado Cash prior to executing the operation, suggesting the attacker prepared the capital well in advance. The wallet linked to the exploit has since become the focus of ongoing monitoring by blockchain security analysts.

The Venus team acknowledged what it described as “unusual activity” across the affected markets shortly after the exploit unfolded. As a precautionary measure, the protocol responded by setting collateral factors to zero for six additional assets listed on the platform. The affected markets include Bitcoin Cash, Litecoin, Uniswap’s UNI token, Aave’s AAVE token, Filecoin, and Trust Wallet Token.

The decision effectively prevents users from borrowing against those assets while risk parameters are reassessed. According to Venus, the freeze targets markets that share several characteristics associated with higher manipulation risk, including lower market capitalization, reduced trading volume, and concentrated collateral ownership.

THENA, whose token was used in the exploit, moved quickly to reassure its community that the vulnerability did not originate within its own infrastructure. The project confirmed that its smart contracts were not breached and emphasized that user funds within the THENA ecosystem remain secure. Internal monitoring systems reportedly flagged abnormal activity shortly after the attack began.

While the financial impact of the exploit is relatively modest compared with some of DeFi’s largest historical hacks, the episode adds to a growing list of security challenges faced by Venus over the past several years. Since 2021, the protocol has accumulated significant losses from a series of market disruptions, including a major price manipulation incident involving its native XVS token and a separate shock linked to the collapse of the Terra ecosystem.

Those setbacks have coincided with a steady decline in the protocol’s total value locked. Once exceeding $7 billion at its peak, Venus currently manages roughly $1.47 billion in deposited assets, reflecting the broader volatility and security concerns that continue to shape the decentralized finance sector.