- A user of the Venus network suffered massive losses after authorizing a malicious transaction.
- The attacker needed only seconds to drain vUSDT, BTCB, vETH, vXRP and vUSDC.
- The native token plunged sharply after the news broke.
While the crypto market showed relative stability on Tuesday, XVS painted its daily chart red after reports emerged that a Venus Protocol user fell victim to a sophisticated phishing scam that resulted in the loss of roughly $27 million in digital assets.
What drew attention was how the incident unfolded.
This was not a failure of the Venus Protocol. The attacker gained full access to the victim’s assets after the user made a simple error.
According to on-chain investigator PeckShield:
The victim approved a malicious transaction, granting the attacker’s address (0x7fd8…202a) token transfer permissions.
#PeckShieldAlert A user of @VenusProtocol has been drained ~$27M in crypto after falling for a #phishing scam.
The victim approved a malicious transaction, granting token approval to the attacker’s address (0x7fd8…202a) for asset transfer. pic.twitter.com/NwkVlDxxOZ— PeckShieldAlert (@PeckShieldAlert) September 2, 2025
The attacker’s burner wallet emptied the assets immediately after the victim granted access.
It took only seconds to wipe out wealth that the victim likely accumulated over years.
Incidents like this underline the harsh reality of DeFi, where a single mistake can lead to catastrophic losses.
The breakdown of the stolen funds highlights the scale of the breach:
- $19.8 million in vUSDT
- $7.15 million in vUSDC
- $146,000 in vXRP
- $22,000 in vETH
- 285 BTC on the BNB Chain (BTCB)
The victim lost what many would consider a generational fortune, particularly within the crypto space.
What makes the case worse is that the hack was not caused by any vulnerability in the Venus Protocol.
The attacker relied on social engineering and the user’s trust to execute the scam.
Venus Protocol remains secure
One question the community wanted answered was whether the attacker exploited the Venus Protocol itself.
No. The lending and borrowing protocol built on the BNB Chain remained secure and fully operational.
The $27 million loss did not result from a programming bug, systemic exploit, or smart contract failure.
Instead, it is part of a growing trend of social-engineering scams in which attackers trick users into approving token allowances.
In June, a fraudster in New York used social engineering to steal more than $4 million from a Coinbase user. In another similar incident last August, a user lost over $240 million.
The weakness lies not in the protocol but in the wallet user’s actions.
Venus continued to operate normally after one of its users suffered a devastating loss.
That outcome understandably adds to the victim’s anguish.
Risks tied to DeFi freedom
Decentralized finance thrives on permissionless technology.
But that freedom brings significant risks.
Token approvals streamline interactions between digital assets and decentralized applications (dApps).
Yet granting unlimited approvals to wallets effectively cedes control to that address.
Those permissions become dangerous when a wallet is controlled by a bad actor.
That is exactly what happened to the Venus Protocol user — a single approval turned into a total catastrophe.
Moreover, DeFi offers no refund button or centralized helpline.
Mistakes in this space are often final, and the $27 million is likely gone for good.
XVS price outlook
Venus Protocol’s native token moved lower amid the fraud revelations.
Following a sharp drop, XVS fell more than 6% on the daily chart.
It traded around $5.99 under strong selling pressure.
A 24-hour trading volume surge of approximately 400% signaled heightened activity, likely from holders exiting positions to avoid further losses.
Bears currently dominate XVS price action, suggesting additional declines are possible before the altcoin can stabilize.