March 16, 2026 — Venus Protocol, a major decentralized finance (DeFi) lending platform, has been exploited for over $3.7 million in a sophisticated “supply cap” attack. The incident involved manipulating the platform’s borrowing limits for Thena (THE) tokens.
The Attack Vector
According to an announcement from Venus Protocol, suspicious activity was detected in the liquidity pool for the Thena token. The platform’s risk manager, Allez Labs, identified the attack as a two-phase operation.
First, the threat actor steadily accumulated approximately 84% of the total THE token market cap. This large position was then used as collateral to bypass the protocol’s maximum supply cap controls. The exploit allowed the attacker to borrow other digital assets significantly beyond intended limits.
Stolen Assets and Platform Response
Allez Labs reported the exploiter borrowed 6.67 million CAKE tokens, 1.58 million USDC, 2,801 BNB, and 20 Bitcoin (BTC). The total value exceeded $3.7 million, according to data from Wu Blockchain.
In response, the Venus team immediately paused all borrows and withdrawals for the THE token. “We are taking precautionary action by pausing all THE borrows and withdrawals effective immediately, to prevent any further misuse,” the team stated. The pause will remain until the investigation concludes.
Out of caution, withdrawals and borrowing for other tokens with low liquidity on the platform were also temporarily halted.
Market Impact and Investigation
The THE token’s price fell more than 17% in the 24 hours following news of the exploit, trading at $0.2255 according to CoinMarketCap data. The unusual activity reportedly only affected pools for the THE and CAKE tokens.
Venus Protocol has not yet responded to requests for additional comment. The investigation by the platform and Allez Labs is ongoing to determine the full scope of the security failure.
Context of DeFi Security
This incident underscores persistent cybersecurity threats in the DeFi sector. While code exploits and hacks have shown variability, they remain a critical vulnerability. Blockchain intelligence platform Nominis noted in a recent report that phishing and social engineering scams have seen an uptick, even as some exploit-related losses have declined.
The attack highlights the complex risks associated with supply cap mechanisms and cross-protocol token integrations in decentralized finance. Security audits and real-time monitoring continue to be essential defenses for platforms managing user funds.
What’s Next: The Venus Protocol team is expected to provide a post-mortem report detailing the technical flaw that enabled the supply cap bypass. The resumption of normal operations for THE and other paused tokens is contingent on the completion of their security review. Users are advised to monitor official Venus Protocol channels for updates.
Updated insights and analysis added for better clarity.
This article was produced with AI assistance and reviewed by our editorial team for accuracy and quality.
