TechFlow news, September 2 — According to Yu Xian, founder of SlowMist, the recent security incident involving the Venus protocol was not a direct hack of the protocol itself, but likely caused by a phishing attack targeting a major holder. The investigation suggests that the Venus frontend may have been hijacked, enabling hackers to launch a carefully designed phishing attack against a specific large holder.
The hacker deployed a malicious contract around 11:30 PM on September 1, 2025. The operation was highly premeditated, with complex funding sources, including part of the attack funds originating from XMR exchanges. Investigators are currently examining potential targeted poisoning attacks on the major holder's computer system.
Yu Xian stated that the actual loss could be lower than the previously reported $27 million, falling below $20 million. The release of this information aims to prevent unnecessary market speculation and panic.
