PANews reported on March 16th that Venus Protocol shared an update from its risk manager, Allez Labs, regarding yesterday's attack: Venus suffered a supply cap manipulation attack in the BNB Chain core pool. The attacker gradually accumulated THE tokens over nine months, starting in June 2025, reaching 84% of the supply cap (approximately 14.5 million tokens). They then bypassed the normal deposit process by directly transferring funds to the protocol contract, completely circumventing the supply cap and establishing a position of 53.2 million THE tokens (3.67 times the cap). Exploiting the low liquidity on the THE chain, the attacker manipulated the TWAP oracle through recursive operations, borrowing large amounts of other assets after the price rose from $0.27 to $0.53. At its peak, the attacker used 53.2 million THE tokens as collateral to borrow 6.67 million CAKE, 2801 BNB, 1970 WBNB, 1.58 million USDC, and 20 BTCB. As a precautionary measure, lending and withdrawal functions have been suspended for THE assets and highly liquid markets such as BCH, LTC, UNI, AAVE, FIL, and TWT. Other Venus markets are unaffected and operating normally. Venus stated that it will continue its investigation with its security partners and will provide timely updates on the progress.

Previous reports indicated that VenusProtocol was suspected of being targeted by a flash loan attack, with the attackers profiting over $3.7 million .