Advertise
- Nidhi Kolhapur
Nidhi Kolhapur
Nidhi is a Certified Digital Marketing Executive and Passionate crypto Journalist covering the world of alternative currencies. She shares the latest and trending news on Cryptocurrency and Blockchain.
- Reviewed by:
Zafar Naik - Sep 02, 2025 11:58 UTC
-
Don’t Fall for This DeFi Scam! Venus User Loses $27M in One Click
Venus Protocol lost $27M after a user fell victim to a social engineering attack
Bunni exchange suffered a $2.4M exploit via manipulated smart contracts.
Crypto hacks surged in August, totaling $163M across 16 attacks
The DeFi space is facing another wave of attacks. Hackers are getting smarter, using social engineering tactics and smart contract weaknesses to steal millions.
Two major incidents this week, one targeting a Venus Protocol account and another affecting Bunni exchange, have shaken the crypto community and sparked new fears over DeFi security.
Venus Protocol Account Loses $27M
A major account on the Venus Protocol, a leading lending platform on the BNB Chain, was compromised, losing about $27 million in a hack. Blockchain analysts believe the user’s interaction with the Core Pool Comptroller contract allowed attackers to steal tokens like vUSDC and vETH.
The stolen funds from Venus Protocol are still stuck in the attacker’s contract. Blockchain security firms Cyvers Alerts and Peckshield flagged the suspicious activity.
A Costly Social Engineering Trap
This was not a typical exploit based on coding errors but a social engineering attack. The victim unknowingly approved a malicious transaction, giving the attacker full access to their wallet. The stolen assets included: $19.8M in vUSDT, $7.15M in vUSDC, $146K in vXRP, $22K in vETH, and even 285 BTCB.
Crypto analyst @Crypto Jargon notes that this was purely a “social engineering attack”, showing how one careless approval can drain a fortune instantly. He advised crypto users to avoid clicking unknown links, double-check transactions, revoke approvals regularly, and use hardware wallets whenever possible.
Venus Responds
Venus Protocol confirmed the breach but reassured users that its smart contracts remain secure. The platform was paused as a precaution while the team investigates.
They emphasized that Venus itself was not exploited and assured users that they are closely monitoring the situation.
Even with these reassurances, Venus’s governance token XVS fell 6% in 24 hours, dropping to $5.97.
Bunni Hit by $2.4M Exploit
Meanwhile, decentralized exchange Bunni also suffered a $2.4 million exploit. Bunni’s smart contract vulnerabilities were exploited, affecting assets across both Ethereum and UniChain networks.
All smart contract functions have been paused as a precaution while the team investigates. These two incidents highlight the biggest risks in DeFi: users falling for scams and vulnerabilities in smart contracts.
Crypto hacks have surged in August, with $163 million stolen across 16 attacks. Cybersecurity experts warn that hackers are shifting focus to exchanges and wealthy individuals, signaling rising threats in the booming market.
Never Miss a Beat in the Crypto World!
Stay ahead with breaking news, expert analysis, and real-time updates on the latest trends in Bitcoin, altcoins, DeFi, NFTs, and more.
FAQs
A user’s wallet was drained of $27M in vUSDT, vUSDC, and other tokens via a social engineering attack, not a protocol exploit. Venus paused operations as a precaution.
The victim approved a malicious transaction, granting the attacker full access to their tokens. The stolen funds remain trapped in the attacker’s contract.
Yes 
No 
