Headline: Пользователь Venus теряет $27 миллионов в результате фишинга, но средства возвращены Translation: Venus user loses $27 million to phishing, but funds are recovered.

A user of the Venus landing platform on BNB Chain lost approximately $27 million in assets due to a phishing attack, as reported by PeckShield.

The individual inadvertently authorized a harmful transaction, which allowed the attacker’s address (0x7fd8…202a) to transfer tokens from the victim’s wallet. Experts from Cyvers confirmed that the incident stemmed from a phishing scheme.

An alert indicated that a suspicious transaction involving a user of @VenusProtocol on the #BNBChain had taken place. The user unknowingly granted malicious transaction permissions, leading to the loss of $27 million in digital assets. The stolen funds were reportedly withdrawn as approximately $19.8 million in Venus USDT (vUSDT) and $7.15 million in Venus USDC (vUSDC).

The company assured that the incident was not due to any vulnerabilities in the platform’s smart contracts, and project representatives suggested that the issue was a mistake made by the trader.

«We are aware of the suspicious transaction and are actively investigating. Venus is currently paused following security protocols. We will keep you updated as we learn more.»

The Venus team announced that they had reimbursed the victim for the stolen funds and fully restored the protocol, including withdrawal and liquidation services.

As of 9:58 PM UTC, Venus Protocol has been completely reinstated (withdrawals and liquidations resumed). The lost assets have been recovered under Venus’ protection.

Project representatives pledged to release a comprehensive report on the incident and expressed gratitude to the community for their support during this critical period.

The founder of Pink Brains, under the alias Ignas, analyzed the incident using ChatGPT. The AI indicated that the attack was facilitated by the wallet owner’s careless actions.

The sensational headline about Venus being exploited for $40 million might be misleading. In testing the AI’s capabilities by feeding it the transaction data, it was revealed that Venus operated as intended, highlighting the significance of permission management in DeFi applications.

Ignas advised users to regularly review and revoke unlimited or unused approvals for all assets to minimize risks, emphasizing that AI’s ability to analyze transactions in the blockchain explorer enhances the technology significantly.

Trader known as Crypto Jargon also confirmed that the user granted unlimited access to their tokens through a malicious authorization.

«A Venus Protocol user just lost $27M in a single click. Here’s what happened: They approved a shady transaction, unknowingly giving unlimited access to their tokens. The attacker’s wallet (0x7fd8…202a) acted immediately, draining the assets.»

Experts urged users to exercise caution and reiterated basic security protocols, noting that fraudulent activity tends to ramp up during bullish market conditions.

In another incident, the decentralized exchange Bunni lost $2.3 million due to vulnerabilities in its Ethereum-based smart contracts. Blocksec analysts reported that the attacker withdrew $1.33 million in USDC and $1.04 million in USDT.

An alert was issued about a suspicious transaction targeting @bunni_xyz’s contract on #Ethereum, indicating a loss of approximately $2.3 million, prompting immediate action.

One of the main developers at Bunni urged users to withdraw their funds immediately.

«If you have money on @bunni_xyz, remove it ASAP.»

The project team confirmed the breach and paused all smart contract functions across networks as a precaution while investigations were underway.

«The Bunni app has been affected by a security exploit. As a precaution, we have paused all smart contract functions on all networks. Our team is actively investigating and will provide updates shortly. Thank you for your patience.»

It’s worth noting that in March, Venus developers reported a malfunction in the Binance oracle that resulted in a loss of $274,000.