- A Venus network user suffered massive losses after approving a malicious transaction.
- The attacker drained vUSDT, BTCB, vETH, vXRP and vUSDC in seconds.
- The native token plunged sharply after the news broke.
While the crypto market showed relative stability on Tuesday, XVS painted its daily chart red after reports emerged that a Venus Protocol user fell victim to a sophisticated phishing scam, resulting in the loss of approximately $27 million in digital assets.
What drew attention was the simplicity of how the incident unfolded.
This was not a flaw in the Venus protocol. The attacker gained full access to the victim’s assets after one simple mistake.
According to on-chain investigator PeckShield:
The victim approved a malicious transaction and granted token approval to the attacker’s address (0x7fd8…202a) allowing transfers of assets.
#PeckShieldAlert A user of @VenusProtocol has been drained ~$27M in crypto after falling for a #phishing scam.
The victim approved a malicious transaction, granting token approval to the attacker’s address (0x7fd8…202a) for asset transfer. pic.twitter.com/NwkVlDxxOZ— PeckShieldAlert (@PeckShieldAlert) September 2, 2025
The attacker’s burn wallet immediately drained the assets after the user granted access.
It took only seconds to wipe out what was likely years of accumulated wealth.
Incidents like this underscore the harsh reality of the DeFi world, where a single mistake can lead to catastrophic losses.
The breakdown of the stolen assets highlights how extensive the attack was:
- $19.8M in vUSDT
- $7.15M in vUSDC
- $146K in vXRP
- $22K in vETH
- 285 BTCB on the BNB Chain
The victim lost what many would consider generational wealth, especially by crypto standards.
Worse still, the hack did not result from vulnerabilities in the Venus protocol.
The attacker simply exploited the user through deception and social engineering to execute the fraud.
Venus Protocol remains secure
One major concern for the community was whether the attacker had breached the Venus Protocol itself.
No. The BNB Chain-based lending and borrowing protocol remained secure and fully operational.
The $27 million loss did not stem from a coding error, systematic exploit, or smart contract vulnerability.
Instead, it is part of a rising trend of social engineering scams where attackers trick users into approving token allowances.
In June, a social engineering scam in New York led to over $4 million stolen from a Coinbase user.
Another similar incident last August cost a victim more than $240 million.
The weak link is not the protocol but the user who controls the wallet.
Accordingly, Venus Protocol continued operating normally after one of its users experienced a devastating loss.
Does that make the victim’s frustration any less severe?
Risks of DeFi’s permissionless freedom
Decentralized finance thrives on permissionless technology.
However, that same freedom carries significant risks.
Token approvals enable seamless interactions between digital assets and decentralized applications (dApps).
Yet granting unrestricted approvals reduces user control over assets.
If the wallet approving those permissions belongs to a scammer, the consequences can be dire.
That is exactly what the Venus Protocol victim experienced — a single approval became a total catastrophe.
Moreover, DeFi offers no “refund” button or customer support line.
Errors are often final in this space, and the $27 million is likely gone for good.
XVS price outlook
Venus Protocol’s native token turned bearish amid the fraud revelation.
XVS plunged more than 6% on the daily chart following the news.
At the time of reporting, XVS traded around $5.99 under heavy selling pressure.
A 400% spike in 24-hour trading volume signals heightened activity, potentially from holders exiting positions to avoid further losses.
Bears currently dominate XVS price charts, suggesting further downside may occur before the altcoin can stabilize and regain footing.