On March 15, Venus Protocol detected a sophisticated supply cap attack targeting its Thena (THE) liquidity pool. The exploit involved an attacker accumulating 84% of THE’s market cap and using it as collateral to borrow $3.7 million in assets, including CAKE, USDC, BNB, and Bitcoin.
Venus swiftly halted all THE borrows and withdrawals, with Allez Labs confirming the incident was protocol-level-targeting system mechanics rather than user credentials. The platform also restricted low-liquidity tokens to contain risk.
The attack marks one of the year’s most significant DeFi breaches, despite overall crypto hack losses dropping to $49 million in February-the lowest in over a year.