Venus Protocol Hack (2026)

In March 2026, Venus Protocol, a lending platform on BNB Chain, lost about $3.7 million through a donation attack that bypassed supply caps on the low-liquidity THE (Thena) token. Per Halborn and Venus’s own post-mortem, the attacker had quietly accumulated THE for roughly nine months, building a position controlling about 84% of Venus’s supply cap for the token, then transferred tokens directly into the vTHE contract instead of using the standard deposit function, distorting the protocol’s internal exchange rate and circumventing supply limits. The manipulation inflated THE’s spot price from about $0.263 to over $0.51 and left Venus with roughly $2.18 million in bad debt. The patient, low-and-slow nature of the attack highlighted how thin-liquidity collateral and donation-style accounting flaws can be weaponised over months, reinforcing the case for conservative collateral onboarding, donation-resistant share accounting, and monitoring of unusual long-horizon position building.