Venus Protocol fully restored operations after successfully recovering $27 million from an exploiter through an emergency governance-approved force liquidation.
The BNB Chain money market protocol paused all services following a sophisticated phishing attack that compromised a large user wallet. It then executed a community-driven recovery process, which was later criticized for its incident response approach.
The incident began when a user fell victim to a phishing scam and approved malicious transactions, granting token access to an attacker’s address.
PeckShield initially reported $27 million drained, but later revised the exact figure to $13.5 million after excluding the attacker’s debt position from calculations.
Update: Venus Protocol has been fully restored (withdrawals and liquidations resumed) as of 9:58PM UTC.
The lost funds have been recovered under Venus' protection.
https://t.co/y2uUwPqmtb
— Venus Protocol (@VenusProtocol) September 2, 2025
Lightning-Fast Community Response Contribute to Recovery
Venus Protocol implemented a multi-phase recovery strategy through emergency governance voting, completing restoration within 24 hours.
The protocol initially paused all operations to prevent further exploitation while conducting comprehensive security reviews of frontend systems and smart contracts.
Community members participated in a lightning vote to authorize partial service restoration within five hours, enabling users to adjust their positions and avoid liquidations.
The second phase focused on recovering stolen funds through forced liquidation of the attacker’s wallet positions.
Binance founder CZ commended the response, stating, “Good fast response. Great to see the community coming together to protect a user and fight against hackers.”
Good fast response. Great to see the community coming together to protect a user and fight against hackers. Kudos!
— CZ
BNB (@cz_binance) PeckShield confirmed the successful fund recovery through force liquidation, providing transaction details on BSCScan.
The security firm praised the innovative approach to recovering compromised assets through decentralized governance mechanisms.
The protocol’s XVS token initially dropped by 5% following the news of the attack, but recovered to $6.01. XVS remains down 95.9% from its May 2021 peak of $147.02.
At the time of writing, the token is trading at $6.16, up 2.1% in the past 24 hours, according to CoinGecko.
Venus Protocol maintains $1.86 billion in total value locked according to DefiLlama data, down from over $6.5 billion at its 2021 peak.
The platform generates the second-highest cumulative fees on BNB Chain at $137 million, trailing only PancakeSwap’s $3.2 billion.
Force Liquidation Sparks Decentralization Debate
However, amid successful funds recovery, the force liquidation mechanism has raised questions about Venus Protocol’s decentralization claims, with community members questioning how the intervention aligned with DeFi principles.
I dont get it, where is the decentralization?
— 0xAndev ∞/21M.lvl
(@0xAndev) Users asked whether governance-controlled liquidations compromised the protocol’s decentralized nature.
Force liquidation typically occurs automatically when borrowers’ collateral values fall below required thresholds, triggered by smart contracts without human intervention.
The Venus incident involved manual governance intervention to liquidate specific positions for fund recovery.
This emergency action required centralized governance powers to override normal automated processes, which means partial decentralization during crisis management.
While core protocol operations remain decentralized, extraordinary circumstances call for concentrated decision-making.
The technical implementation involved community governance voting to authorize exceptional liquidation parameters targeting the attacker’s positions.
Smart contracts executed the liquidation once governance approval was obtained, maintaining some decentralized execution elements.
DeFi protocols often strike a balance between decentralization and security through emergency governance mechanisms, designed to protect users during unprecedented situations.
This trade-off allows rapid response to threats while maintaining automated operations under normal conditions.
The incident marked the first major BNB Chain attack in months, breaking a security streak that saw losses drop 70% from $161 million in 2023 to $47 million in 2024.
Hacken’s joint report with BNB Chain documented significant security improvements across the ecosystem.
Previous major BNB Chain incidents include the 2022 Binance hack, which resulted in $570 million in losses, and various DeFi exploits throughout 2023-2024.
The Venus phishing attack differed from smart contract vulnerabilities, as it targeted user security practices rather than protocol code.
Access control exploits remain the primary threat vector on BNB Chain, responsible for 69% of all losses according to the Hacken security report.
The post Venus Protocol Restores Services After Recovering $27M from Exploiter Through Force-Liquidation appeared first on Cryptonews.
Credit: Source link