Flash loan attack on Venus Protocol drains $3.7M after large collateral borrowing, triggering liquidations and raising new security concerns across DeFi lending platforms.
Venus Protocol faced another security scare after on-chain data showed a suspected flash loan attack. The attacker has used large collateral to borrow crypto assets and withdrawal of millions. Total loss was reported to be over $3.7M early reports said. The incident led to liquidations and concerns over the safety of DeFi platforms.
Suspected Flash Loan Attack Drains Millions
Blockchain tracking data showed suspicious activity associated with address 0x1a35.6231. The address borrowed huge amounts of assets from Venus Protocol in a short period of time. It was reported that the attacker got about 20 BTC, 1.5M CAKE, and 200 BNB. The total value of these assets amounted to more than $3.7M.
On-chain data shows Venus Protocol was suspected to suffer a flash-loan attack. The attacker address 0x1a35…6231 obtained about 20 BTC, 1.5 million CAKE, and 200 BNB, totaling over $3.7 million, after using a large amount of THE as collateral on Venus to borrow CAKE, BTCB, and… pic.twitter.com/qnyISI5pp5
— Wu Blockchain (@WuBlockchain) March 15, 2026
The attack was reportedly based on a flash loan strategy. A flash loan gives the opportunity to borrow money for a short period of time without providing collateral. However, the loan will have to be repaid in the same transaction. This is a feature that is sometimes exploited by attackers in order to manipulate prices or borrowing limits.
Related Reading: Crypto Hacks: Crypto Hacks Hit $86M in January as Phishing Losses Exceed $300M – Ledger Tribune
In this case, the attacker first provided a large amount of THE tokens as collateral. After that, the attacker borrowed BTCB, CAKE and BNB from the Venus lending pools. The system permitted the borrowing since the collateral value changed rapidly. This approach helped the attacker to take out money before the protocol acted.
After the borrowing occurred, the value of the collateral had fallen. As a result, the system began liquidating the THE tokens. Reports said tens of millions of THE was put into liquidation. Liquidation occurs when there is not sufficient collateral to repay a loan. The protocol sells the collateral in order to minimize losses.
Liquidations Begin to Cover the Shortfall
The Venus team and blockchain observers saw the activity shortly after it occurred. The platform initiated liquidation of the automaticity to prevent further damage. Liquidation is a safety process which is used by lending protocols. It provides protection for the system in case borrowers cannot repay their loans.
Large liquidation events can impact token prices. When large numbers of tokens are sold in a short period of time, the price can drop. Because of this, the liquidation of THE tokens may lead to the increase in market pressure. Traders are watching closely to see how the market reacts.
Security experts said the attack highlights risks with DeFi lending systems. Flash loans are helpful tools and can be abused. If price feeds or collateral rules are weak, they may be exploited by attackers. Therefore, many platforms continue their improvement of risk controls.
The address that was used in the attack is still under observation. Blockchain data is public so investigators can track movements. If the attacker transfers the funds to exchanges, it may be easier to find out who it is. However, many of the attackers make use of mixers or bridges to conceal the activity.
Previous Incident Raised Similar Concerns
This is not the first security issue to be associated with Venus Protocol. In September 2025, the platform experienced another major incident. A phishing attack resulted in about $27M lost, just for a short period. That incident caused pandemonium in the community at the time.
The earlier loss was later recovered by emergency measures in governance. The team from Venus collaborated with partners to pay back the money. Because of that recovery, users regained some level of confidence in the protocol. However, the new attack has now been a cause for concern with safety again.
DeFi platforms represent billions of dollars in digital assets. Because of this, they frequently become the victims of hackers. Developers have to balance speed, low fees and good security. Even small weaknesses can bring big losses.
The most recent incident involving Venus indicates why risk management remains important in crypto lending. Liquidations helped to lessen the damage this time. However, the event is a reminder to users that DeFi is not risk-free. Future updates might target better protection against exploits for flash loans.