- A Venus network user suffered massive losses after authorizing a malicious transaction.
- The attacker needed just seconds to drain vUSDT, BTCB, vETH, vXRP and vUSDC.
- The native token plunged sharply after the news.
While the broader crypto market showed stability on Tuesday, XVS turned red on its daily chart after reports that a Venus Protocol user fell victim to an elaborate phishing scam, losing roughly $27 million in digital assets.
What attracted attention was how the incident unfolded.
This was not a vulnerability in the Venus protocol. The attacker gained full access to the victim’s assets after a simple mistake by the user.
According to on-chain investigator PeckShield:
The victim approved a malicious transaction, granting token approval to the attacker’s address (0x7fd8…202a) to transfer assets.
#PeckShieldAlert A user of @VenusProtocol has been drained ~$27M in crypto after falling for a #phishing scam.
The victim approved a malicious transaction, granting token approval to the attacker’s address (0x7fd8…202a) for asset transfer. pic.twitter.com/NwkVlDxxOZ— PeckShieldAlert (@PeckShieldAlert) September 2, 2025
The attacker’s wallet immediately drained the assets after the user approved access.
It took only seconds to wipe out wealth that likely took years to accumulate.
Incidents like this underscore the harsh reality in DeFi, where a single mistake can result in catastrophic losses.
The breakdown of the losses highlights how damaging the attack was:
- $19.8 million in vUSDT
- $7.15 million in vUSDC
- $146,000 in vXRP
- $22,000 in vETH
- 285 BTC on BNB Chain (BTCB)
The victim lost what many would consider generational wealth, particularly within the crypto industry.
Worse still, the breach did not occur because of flaws in Venus Protocol.
The attacker exploited user trust and deception to execute the scam.
Venus protocol remains secure
One key question the community wanted answered was whether the attacker compromised the Venus protocol.
No. The BNB Chain–based lending and borrowing protocol remained secure and fully operational.
The $27 million loss was not caused by a coding flaw, systemic exploit, or smart contract bug.
Instead, it is part of a growing trend of social-engineering scams in which attackers trick users into approving token allowances.
In June, a scammer in New York used social engineering to steal more than $4 million from a Coinbase user.
Another similar case last August resulted in a victim losing over $240 million.
The weak link in these incidents is not the protocol but the individual who controls the wallet.
As a result, Venus Protocol continued functioning normally after one of its users experienced a devastating loss.
Does that offer any solace to the victim? Probably little.
Risks of DeFi freedom
Decentralized finance thrives on permissionless, open systems.
But that freedom carries significant risks.
Token approvals provide seamless interactions between digital assets and decentralized applications (dApps).
However, granting unlimited approvals to wallets reduces the user’s control.
Those permissions become dangerous if the wallet belongs to a scammer.
That simple approval was catastrophic for the Venus user.
Moreover, DeFi has no “undo” button or central hotline.
Errors in this space are often final, and the $27 million is likely gone for good.
XVS price outlook
The Venus Protocol’s native token turned bearish amid the scam news.
It fell more than 6% on the daily chart following the incident.
XVS traded around $5.99 under heavy selling pressure.
A 24-hour trading volume increase of 400% signals heightened activity, likely from holders exiting positions to avoid further losses.
Bears dominate XVS price action, suggesting further downside before the altcoin finds a stable floor.