BNB Chain-based lending platform Venus Protocol has fully resumed services after a dramatic pause triggered by a phishing attack that cost one of its users nearly $27 million.
The protocol announced late Tuesday that withdrawals and liquidations were live again from 9:58 PM UTC, with the compromised funds placed under Venus’ protection.
The trouble started when a major Venus Protocol wallet, listed on-chain as 0x56…2008, was compromised. On-chain activity shows the wallet owner accidentally approved a malicious transaction, which handed the attacker control of assets worth tens of millions of dollars.
Security firm PeckShield was quick to flag the case, making it clear that Venus itself wasn’t exploited; the loss came from a phishing scam that targeted the individual user.
Venus moved quickly to contain the fallout. Operations were frozen to stop the attacker from exploiting the situation further. In a public statement, the team explained that resuming services immediately would have allowed the hacker to walk away with the stolen funds, something they were determined to prevent.
With pressure mounting, the Venus team turned to its community for direction through what it described as a “lightning vote.” The proposal outlined three key steps: partial reopening to let users repay debt and supply collateral, recovery of the stolen funds, and a complete security review before full resumption.
The response left no doubt. Every single vote supported the plan, giving the team the mandate to move forward. Soon after, Venus partially reopened, allowing users to adjust positions and avoid liquidation risks. But users still couldn’t withdraw their assets until the stolen funds were safely recovered.
Once recovery was confirmed, the protocol proceeded to restore full functionality. By late Tuesday night, all services were back online. The Venus team also said a detailed security review had been completed to prevent similar incidents in the future.
The case highlights one of the most persistent risks in decentralized finance: phishing. Even though Venus’ smart contracts were never breached, one malicious approval was enough to trigger a crisis that forced a multi-million-dollar freeze.
