Venus Protocol – USD 27 Million Loss
A user of the Venus protocol on the BNB Chain fell victim to a phishing scam and unknowingly authorized a malicious address, allowing the attacker to drain approximately USD 27 million in assets such as vUSDT, vUSDC, vXRP, vETH, and BTCB.
Important: investigations indicate that this occurred at the level of a compromised wallet, it was not a failure in the Venus protocol itself.
BunnyXYZ – USD 8.4 Million Exploit
The BunnyXYZ protocol, operating on Ethereum and Unichain, suffered a technical vulnerability in its pool that allowed an attacker to drain USD 8.4 million (USD 6 million on Unichain and USD 2.4 million on Ethereum). The attacker manipulated price ticks, executed repeated withdrawals taking advantage of precision errors, and then redeemed the assets.
Why is it relevant?
Human and technical vulnerability: Venus exposes the risks of phishing, while BunnyXYZ reveals flaws in the pool mechanism, both reminders that neither users nor developments are completely safe.
Impact on market confidence: These attacks can trigger immediate negative reactions in related tokens and reduce trust among users and investors.
Opportunity to strengthen security: It reinforces the need for technical audits, better security education for users, and more robust protocols.
