136.7K @hackenclub 🚨 @VenusProtocol on BSC was exploited for ~$3.7M on March 15.
Root cause: supply cap bypass via direct ERC-20 transfers to a vToken contract, a known Compound V2 design flaw previously flagged in Venus’s own Code4rena audit.
Example tx:
https://t.co/qSMEA4RjPc
~50 exploit transactions in total. 🧵
136.7K @hackenclub The attacker spent 9 months accumulating THE (Thena token), reaching 84% of Venus’s 14.5M supply cap via normal deposits.
Community members flagged the address earlier, but no action was taken – technically, no rules had been broken yet.
136.7K @hackenclub The bug:
Venus’s vToken exchange rate uses balanceOf() for totalCash.
• mint() enforces supply caps
• but raw ERC-20 transfer() to vTHE does not
By transferring THE directly to the contract, the attacker inflated totalCash → exchange rate → effective collateral value, making the supply cap meaningless.
136.7K @hackenclub Attack loop:
• Borrow CAKE / BTC / BNB using THE as collateral
• Swap borrowed assets for more THE on DEX (pumping price)
• Transfer THE directly to vTHE (bypassing cap)
• Wait for the TWAP oracle to catch up
• Repeat
Each cycle increased borrowing power.
Final position: 53.2M THE – 3.67× the 14.5M cap.
136.7K @hackenclub Assets extracted:
• ~20 BTCB
• 1.5M CAKE
• 200 WBNB
THE price moved $0.27 → $0.53 → $0.22.
Outstanding bad debt: 1.18M CAKE (~$2.15M).
Funds remain in attacker wallet 0x1a35.
Initial funding came via Tornado Cash.
136.7K @hackenclub Venus states the oracle functioned as designed, reflecting market prices.
The issue was an artificially pumped collateral asset feeding into an uncapped position.
THE market and 8 other low-liquidity markets are now paused while supply-cap enforcement is being hardened.
https://t.co/XY7THTZdL0
136.7K @hackenclub ⚠️ Attention Compound V2 forks:
Verify whether direct token transfers to your cToken contracts bypass supply-cap logic.
If so, the same attack pattern may still be exploitable.
89
11
8.8K
78.2K @lianyanshe lista added a massive amount of USD1 liquidity, now participating in USD1 investment with a 20% annual yield puts us back on the same starting line as before.
USD1, stop dropping 😂 https://t.co/lqv9ETopLV
114.6K @BroLeon I wondered why $USD1 price dropped today, turns out @lista_dao's pool suddenly added a wave of USD1 liquidity, making it comfortable for those who wanted to earn 20% annual yield but were worried about the coin price dropping.
When USD1 Binance savings subsidies were available, the moment BTCB was pledged in Lista to borrow USD1, all the USD1 was borrowed instantly, and the borrowing rate on @VenusProtocol surged to 15%. I could only switch to borrowing some SolvBTC, which pushed the annual yield up to 6%.
Today Lista added over 20M USD1 to the pool in one go, bringing the annual yield down dramatically; now the borrowing APR is only 1.25%. If you have BNB and a Binance account, you can enjoy a nice yield.
6
6
4.5K
174.8K @wublockchain12 Wu said that Binance Wallet has launched the Web3 Loan on-chain lending feature. This feature allows users to use existing assets in the wallet as on-chain collateral, borrow crypto assets, and directly access third‑party decentralized lending protocols via Binance Wallet. Currently, Web3 Loan has integrated the Venus lending protocol on BNB Chain, supporting assets such as BTCB, ETH, USDT, USDC, FDUSD, WETH as collateral, and allowing borrowing of USDT, USDC and BNB. https://t.co/g7lxE1pEyn
3
2
3.2K
