Venus 'THE' exploit
The Venus protocol on BNB Chain suffered an exploit tied to manipulation of low‑liquidity 'THE' collateral, creating new bad debt and renewed scrutiny of thin markets, reported this week. The incident underscores the ongoing danger of weakly vetted collateral on lending markets and the need for stricter asset onboarding.
Venus' post‑mortem said) the core attack executed on March 15, 2026 involved a 53.2 million THE deposit that inflated vTHE’s exchange rate to ~3.67× the protocol’s 14.5M supply cap. On‑chain tracing shows) the primary attacker wallet 0x1a35bd28efd46cfc46c2136f878777d69ae16231 and an attacker contract 0x737bc98f1d34e19539c074b8ad1169d5d45da619, with a staging wallet receiving 7,447 ETH routed from Tornado Cash prior to the operation. The atomic exploit transaction borrowed) roughly $14.9M of assets against the inflated position and during the sequence the attack contract extracted specific amounts such as 910,000 CAKE and 1,972 BNB according to the incident timeline. Multiple outlets reported) the attacker drained over $3.7M in liquid assets and the liquidation cascade left Venus with about $2.15M in unrecoverable bad debt. Venus announced) immediate suspension of all THE borrows and withdrawals and the protocol’s governance thread outlined) follow‑up mitigations including temporary market freezes and changes to collateral parameters. Security researchers and post‑mortem authors noted) the attacker exploited a known “donation” vector in Compound‑forked architectures that had been flagged in prior audits but remained an unpatched risk.
