Venus Protocol, a prominent DeFi borrowing and lending platform, has recently encountered suspicious activity regarding the $THE pool. In this respect, there is a possibility of a Flash Loan attack, raising concerns across the DeFi community. As per the official X post of Venus Protocol, only the $CAKE and $THE markets seem to be impacted at the current stage. Hence, amid the ongoing investigation, the early indications point toward a likely link to a refined exploit dealing with illiquid collateral.
🚨 We have identified unusual activity involving the $THE pool and are actively investigating.At this time, only the $THE and $CAKE markets appear to be affected.We will share updates as our investigation progresses. We appreciate your patience and support. 💙
— Venus Protocol (@VenusProtocol) March 15, 2026
Due to this unusual situation, Venus Protocol has paused all borrows and withdrawals of $THE.
🔒 Follow-up UpdateAs we continue to investigate the unusual activity in the $THE pool, we are taking precautionary action by pausing all $THE borrows and withdrawals effective immediately, to prevent any further misuse.This will remain in effect until the investigation is…
— Venus Protocol (@VenusProtocol) March 15, 2026
Venus Protocol Faces Concerns of Flash Loan Exploit as Attacker Targets $THE and $CAKE Pools
The announcement from Venus Protocol reveals that the platform is conducting an investigation into the abnormal activity dealing with the $THE pool. Specifically, the malicious actor utilizes $THE tokens in the form of collateral for the borrowing of diverse assets. The respective assets included $BNB, $BTCB, and $CAKE. This enabled manipulation of the market prices while it could also lead to large-scale liquidations.
Keeping this in view, the community is speculating on the exploitation of a staggering 42M $THE liquidation. This figure reportedly accounts for a total value of $14M. The blockchain onlookers pointed out that the attacker may have manipulated the low-liquidity conditions while dealing with the $THE pool for artificial price inflation.
Collateral-Based Manipulation Triggers Questions over DeFi Security
Such a manipulation is a vulnerability in diverse DeFi networks that depend mostly on collateral lending. The investigation of Venus Protocol aims to identify whether the incident happened due to an outside market manipulation or a protocol-level weakness. If the attacker successfully executes the malicious strategy of $THE accumulation and further sale at a high price level, it could cost an estimated $14M to Venus Protocol. Hence, while the platform has disclosed the expectation of damage to the $CAKE and $THE markets, the community is growing more and more cautious while further details are to be provided amid ongoing investigation.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Cowswap Frontend Under Attack, Users Urged to Revoke Permissions
Blockaid's security system detected a frontend attack on Cowswap, flagging the website COW.FI as malicious. Users are urged to revoke wallet permissions and refrain from interacting with the DApp.
GateNews2h ago
Polymarket reviews and weeds out early-stage projects in its ecosystem, targeting insider trading and market manipulation behaviors
Polymarket announced an audit of some of the onboarded startup projects that have been accused of using allegedly insider trading account information to steer users into making trades. The move is intended to strengthen compliance management and address external concerns about the risks of insider trading.
GateNews4h ago
In Q1 2026, Web3 projects suffered losses of over $460 million from hacks and scams, with phishing attacks leading the way.
Hacken’s report shows that in the first quarter of 2026, Web3 projects lost $464.5 million due to hacker attacks and scams, with phishing and social engineering attacks accounting for $306 million in losses. In addition, hardware wallet scams accounted for the bulk of the losses. Moreover, losses were also significant due to smart contract vulnerabilities and access control failures. In terms of regulation, the European legal framework has increased security monitoring requirements.
GateNews8h ago
RAVE’s hype surge triggers a flood of copycat coin mania, as FF and INX expose the “pump-and-dump” scheme
Recently, altcoins represented by RAVE have sparked a fierce investment craze, but some old star projects like FF and INX have used this wave of hype to carry out “pump-and-dump” operations—rapidly driving up coin prices to lure retail investors to buy, and then dumping them heavily, causing the price to plunge rapidly. Such behavior not only exposes the project team’s funding difficulties, but also damages investors’ trust. Investors need to stay alert to signals like abnormal short-term surges in order to avoid the risk of being manipulated by the market.
MarketWhisper12h ago
FBI teams up with Indonesia to dismantle W3LL phishing network, with more than $20 million involved
The U.S. FBI and Indonesian police successfully cooperated to dismantle a W3LL phishing network, seizing related equipment and detaining suspects. The W3LL phishing toolkit offers low-priced fake login pages that use man-in-the-middle attacks to easily bypass multi-factor authentication, forming an organized cybercrime ecosystem. This operation marks cooperation between the U.S. and Indonesia in law enforcement against cybercrime; however, the security threats to cryptocurrency users remain severe.
MarketWhisper15h ago
Squads Emergency Alert: Address poisoning and forged multisig accounts; a whitelist mechanism will go live
Solana ecosystem multi-signature agreement Squads issued a warning, pointing out that attackers launched an address poisoning attack against users by using fake accounts to trick users into making unauthorized transfers. Squads confirmed that there was no loss of funds and emphasized that this is a social engineering attack rather than a protocol vulnerability. To respond, Squads has implemented protective measures such as a warning system, non-interactive account prompts, and a whitelist mechanism. This incident reflects the growing social engineering threats in the Solana ecosystem and has prompted ongoing security reviews.
MarketWhisper16h ago
