Venus Protocol Debunks Rumors of Exploit, What Really Happened?

Venus Protocol, a Decentralized Finance (DeFi) lending platform operating on the BNB Chain, recently found itself at the center of attention when rumors of an exploit surfaced, attributed to findings by the Blockchain security firm, SlowMist.

Venus Protocol Clears the Air

Venus Protocol, however, swiftly responded, reassuring its community that there was no issue with the Venus Core Pool or the native token, XVS. The protocol asserted that the problem lay with a short-term pricing issue from the Binance Oracle affecting a specific isolated pool, and the team was actively addressing the situation.

The Venus Protocol case highlights the importance of transparency and open communication in the DeFi space. In a decentralized ecosystem, where trust is paramount, projects must be proactive in addressing concerns and keeping the community informed.

In August, the Venus community’s attention was drawn to the health of the exploiter’s address involved in the notorious BNB Chain Bridge hack. Data from PeckShield revealed that the exploiter’s address was teetering on the brink of liquidation, with a health rate of 0.99. This scenario echoed a past challenge that the Venus community had successfully navigated by passing a governance proposal to whitelist the liquidation of the BNB Bridge exploiter’s position.

Decentralized Finance World and its Security Challenges

The incident at Venus Protocol is not isolated, as the broader DeFi landscape has recently witnessed bouts of security challenges. 

KyberSwap, a decentralized exchange on the Kyber Network, fell victim to an exploit resulting in the loss of approximately $46 million in various cryptocurrencies. The attack targeted KyberSwap Elastic, leading to a rapid decline in the platform’s Total Value Locked (TVL) by around 70% within hours.

KyberSwap users were quickly informed to withdraw their funds as a precautionary measure. Intriguingly, blockchain analysts discovered on-chain messages left by the attacker, suggesting negotiations with protocol developers, employees, DAO members, and liquidity providers.

This incident with KyberSwap brings to mind a similar occurrence in July when Curve Finance experienced a major exploit due to a vulnerability in the programming language. Curve Finance later clarified that the issue stemmed from the combination of the affected Vyper version and the use of pure Ethereum (ETH).