Venus Protocol Phishing Liquidation
A Venus Protocol user was phished into delegating account control, losing ~$3.7M from their supplied position. Venus contracts were never compromised.
- Date
- Victim: Venus Protocol user
- Chain(s)
- Status: Recovered
In March 2026, a large Venus Protocol user was phished into signing a delegation/approval that handed account control to an attacker, who then drained the victim's substantial supplied position (~$3.7M). Venus's contracts were never compromised — the loss was entirely a user-side wallet-authorization compromise. Through coordination with the Venus DAO and on-chain freezing, funds were largely recovered.
What happened
The victim — reportedly a large holder — signed a malicious transaction (delegation/approval) via a phishing site, granting an attacker the ability to act on their Venus position. The attacker borrowed/withdrew against it. Venus governance and security partners coordinated a freeze and the funds were substantially recovered.
Aftermath
- Large recovery via DAO coordination; user reimbursed/funds returned.
- Reinforced that this was a phishing incident, not a protocol exploit.
Why it matters
The Venus Protocol incident belongs to the catalogue's user-side phishing category (Whale Hunter's Payday), not its protocol-bug categories. Its inclusion underscores a distinction the catalogue is careful to draw: a protocol can be entirely sound and still be the venue of a multi-million-dollar loss, because the weakest link in DeFi is increasingly the human signing the transaction, not the contract receiving it. The recovery — enabled by DAO/governance coordination and on-chain transparency — is also a positive 2026 data point: as response infrastructure matures, even individual phishing losses are sometimes clawed back, which was rarely true earlier in the dataset.
Sources & on-chain evidence
- [01] halborn.com: https://www.halborn.com/blog/post/explained-the-venus-protocol-incident-march-2026
- [02] rekt.news: https://rekt.news/venus-protocol-rekt-iv