Venus Protocol froze collateral across six additional markets after an attacker manipulated the price of THE to extract roughly $3.7 million in digital assets.
Security researchers said the attacker’s wallet received about 7,400 Ether through Tornado Cash before executing the exploit.
The attacker accumulated a large position in THE, pushing its price from about $0.27 to nearly $5 before using the inflated collateral to borrow assets including 20 BTCB, 1.5 million CAKE and 200 BNB.
After liquidation triggered, THE’s price rapidly collapsed back to roughly $0.24, completing the exploit and leaving the protocol exposed to losses.
To prevent further attacks, Venus reduced collateral factors to zero for markets including Bitcoin Cash, Litecoin, Uniswap, Aave, Filecoin and Trust Wallet Token.
Thena said its internal monitoring detected the incident around 12:00 UTC and confirmed its smart contracts were not breached.
The exploit used a known vulnerability affecting some lending platforms derived from the Compound protocol by transferring tokens directly to the collateral contract.
Venus has faced multiple exploit-related losses since 2021, including roughly $95 million from XVS price manipulation and $14 million linked to the Terra ecosystem collapse.
At the time of reporting, Ethereum price was $2,177.69.