Cyvers Alerts: Attackers implement attacks by updating Venus core fund pool controller to malicious contract address
Source: ChainCatcher
Time: 2025-09-02 18:56:39
According to ChainCatcher, the latest warning of DeFi security monitoring platform Cyvers Alerts: A security incident occurred in the Venus protocol on the BNB chain, with approximately US$27 million in assets at risk. The core information is as follows:
The attacker carried out the attack by updating the Venus core fund pool controller (Core Pool Comptroller) to a malicious contract address;
Affected assets include vUSDC, vETH and other tokens - the stolen funds are still stuck in the attacker's contract and no redemption operations have been carried out.
Venus Agreement users should pay close attention to asset security and recommend suspending relevant operations until further notice.