Venus Protocol Loses $2 Million Due to THE Token Manipulation

Venus Protocol suffered a $2 million loss due to a hacker manipulating the THE token price through a series of complex transactions.

On March 15, the lending platform Venus Protocol on the BNB Chain was targeted by a hacker. The attacker focused on the THE token from the DeFi project Thena.

Our risk manager @AllezLabs shares what we know so far. We will continue to provide updates as our investigation progresses. https://t.co/VeBsdzDMXH
— Venus Protocol (@VenusProtocol) March 15, 2026

The hacker exploited the low liquidity of THE and executed a classic price manipulation using an oracle. They deposited the token as collateral, borrowed other assets against it, immediately purchased more THE with those assets, and repeated the cycle. All actions were precisely timed with updates from the temporary oracle.

This attack vector became possible after Venus added THE to its main pool of collateral assets.

Details of the Attack

On-chain specialist Weilin Li was one of the first to notice the incident. According to him, the hacker artificially inflated the token price from $0.27 to nearly $5.

https://t.co/RV18WHJalA
— Weilin (William) Li (@hklst4r) March 15, 2026

The expert compared the attack to the hack of the DeFi platform Mango Markets that occurred in 2022.

To bypass the deposit limit for THE in Venus, the hacker employed a so-called donation attack. They transferred tokens directly into the vTHE smart contract, circumventing the standard issuance procedure. This artificially inflated the platform's exchange rate and allowed them to bypass the set limit.

After the first round of borrowing, the temporary oracle updated the price of THE to $0.50. This figure lagged significantly behind spot quotes but was nearly double the original level.

The attacker attempted to continue the cycle by purchasing more THE with borrowed funds but could not withstand selling pressure. The health factor dropped close to one, leading the protocol to liquidate the position.

The nominal collateral reached $30 million, but there was no market depth for such a sale—THE plummeted into an empty order book. Following the liquidation, the price fell to $0.24.

The Hacker Earned Nothing

According to Li, the hacker made almost nothing and likely ended up at a loss. However, he did not rule out that the attacker hedged through perpetual futures on other platforms.

An analyst known as EmberCN estimated Venus's unrecoverable debt at $2.15 million—this includes outstanding loans of 1.18 million CAKE and 1.84 million THE. He also noted that the attacker's initial capital (7400 ETH) came from the mixer Tornado Cash.

一个从 Tornado 收到 7400 枚 ETH 的地址 (黑客？)，主导了今天晚上 CAKE 和 THE 的抵押品清算事件。
导致了 Venus 产生约 $215 万的清算亏空 (118 万 CAKE+184 万 THE)，而黑客从 Venus 拿到了约 $507 万资金 (2,172 BNB+151.6 万 CAKE+20 BTC)。

1⃣先是通过 0x7a7…234 地址从 Tornado 收到 7,400… pic.twitter.com/W6YwQpKJQF
— 余烬 (@EmberCN) March 15, 2026

"He borrowed 9.92 million USDT to create chaos, but the assets withdrawn from Venus were worth only $5.07 million. On-chain, the picture is unprofitable, but I suspect he was shorting THE through liquidations and profiting on CEX," the expert noted.

It is worth noting that in March 2025, Venus lost over $716,000 due to a similar oracle manipulation attack.