Venus Exploit Raises DeFi Lending Concerns Over Supply Caps and Oracle Guardrails

A recent exploit on the Venus Protocol has left behind a trail of bad debt and raised concerns about DeFi lending risks.

The attack involved manipulating the price of THE token, which was used as collateral in a lending pool. The attacker employed a combination of low liquidity, delayed price updates, and a bypassing strategy to create a dominant position in the market.

According to Allez Labs, the attacker spent months building up a large THE position before launching the visible attack phase. During this time, they transferred THE directly to the vTHE contract instead of going through the standard deposit flow, allowing them to expand their position beyond the intended cap.

The exploit highlighted the importance of considering market depth and structural characteristics when designing lending protocols. Venus Protocol responded by freezing borrows and withdrawals for affected markets and reducing collateral factors for vulnerable markets.