Venus Protocol: THE Market Incident Stemmed from Supply Cap Vulnerability, Not Flash Loan Attack

ChainCatcher News: Venus Protocol has issued a statement regarding the THE market incident, stating that this was not a flash loan attack, but rather an exploit where the attacker took advantage of a vulnerability in the protocol’s old code related to the supply cap. The team explained that the attacker continuously accumulated THE tokens over approximately nine months, gradually establishing dominance in the supply on Venus.

The announcement noted that the attacker bypassed the normal deposit process by directly transferring THE tokens into the protocol contract, thereby exceeding the 14.5 million THE supply cap. They also manipulated DEX prices by exploiting low on-chain liquidity. Once the external price was gradually reflected by the TWAP oracle, the attacker used inflated collateral values to repeatedly borrow assets (such as CAKE, BNB, etc.), then bought more THE to push up the price, and kept transferring THE into the vTHE market to increase collateral value. This cycle temporarily pushed the price from about $0.27 to approximately $0.53. Ultimately, after the position was liquidated, bad debt remained in the protocol.

Venus stated that the THE market has now been paused, with its collateral factor reduced to 0 and withdrawals suspended. As a precaution, collateral factors for eight other markets—BCH, LTC, AAVE, POL, FIL, TWT, UNI, and lisUSD—have also been reduced to 0. The team and security partners are continuing their investigation and will release a comprehensive post-incident analysis report later.