Venus Protocol hit by $3.7M in ‘supply cap’ attack
The threat actor manipulated the platform by using Thena tokens to bypass the maximum supply cap and borrow several different digital assets.
Venus Protocol, a decentralized lending and borrowing platform, said on Sunday it had detected suspicious trading activity in the liquidity pool for the Thena (THE) token, the native cryptocurrency of the Thena decentralized finance platform.
The unusual trading activity only affected pools for the Cake (CAKE) token, the native cryptocurrency of the PancakeSwap decentralized exchange, and the Thena token, according to an announcement from Venus Protocol. The Venus team said:
The suspicious trading activity is suspected to be a supply cap attack that was executed in two phases: a steady accumulation of about 84% of the total THE token market cap, coupled with a lending attack, according Allez Labs, which was identified by Venus Protocol as its risk manager.
The Venus exploiter used the Theta token as collateral to borrow 6.67 million CAKE tokens, 1.58 million USDC (USDC), 2,801 BNB (BNB) — the native token of the BNB chain — and 20 Bitcoin (BTC), Allez Labs said.