The combination of real-time detection, coordinated response, and a timely pause prevented significant user loss.
Last week, when a Venus protocol user with a large position fell victim to a phishing attack, Hypernative was the first to reach out to the team to inform them of the attack. Hypernative’s real-time alert, delivered despite Venus not being a customer, prompted the protocol team to pause operations within minutes. That decisive action prevented further losses, trapped the attacker’s funds onchain, and enabled the recovery of nearly $13M.
On Sept. 2, the attacker used a malicious Zoom client to compromise the victim’s machine. By tricking the user into approving the attacker’s contract as a valid delegate, the attacker gained control over the account and drained $13M in a single multi-step transaction.
Hypernative’s systems first flagged the attacker's contract as suspicious on Sept. 1 at 15:26:36 UTC. At 09:05:36 the following morning, the victim suffered their first loss. Within less than 2 minutes, Hypernative's CTO Dan Caspi already reached out to Venus via Telegram.
Thanks to that early warning, Venus was able to pause protocol activity, contain the damage, and stop further withdrawals. By the end of the day, the team executed a liquidation strategy that seized $3M of the attacker’s collateral and restored the victim’s position. Nearly $13M in user assets were secured, and the protocol resumed normal operations without disruption.
This incident shows how attacker sophistication continues to rise and why seconds matter. Hypernative is committed to giving protocols and institutions the real-time visibility and pre-transaction defenses needed to stop malicious activity before it ever reaches the chain.
Reach out for a demo of Hypernative’s solutions, tune into Hypernative’s blog and our social channels to keep up with the latest on cybersecurity in Web3.
Secure everything you build, run and own in Web3 with Hypernative.
Website | X (Twitter) | LinkedIn
