Venus Protocol suspended its smart contract after one of its users lost $27 million in a phishing attack. Security firm PeckShield later adjusted the figure to $13,5 million.
A VenusProtocol user lost around $27 million in cryptocurrency after falling victim to a phishing attack. He approved the malicious transaction by providing the attacker with an address (0x7fd8…202a) to transfer the assets, PeckShield analysts said.
According to them, the user was tricked into confirming a malicious transaction. This ensured that any transaction initiated by the attacker was automatically confirmed and allowed the criminal to control all funds in the wallet.
In response to this, the team Venus Protocol suspended its smart contract as a precaution and said it was investigating the incident. It later issued a statement saying smart contract will be revoked until justice is restored to the user.
If the protocol resumes operation now, the hacker will receive the user’s funds, the platform developers wrote.
In addition, the developers explained that the losses were not related to a smart contract exploit. Most likely, the user became a victim of a targeted phishing attack.
By 4am the team Venus stated that the protocol had been fully restored, withdrawals and liquidity creation had resumed, and lost funds had been returned.