Venus Protocol, a DeFi lending platform, successfully aided a user in recovering $13.5 million in cryptocurrency stolen in a phishing attack linked to North Korea's Lazarus Group. Following the theft, Venus paused its platform to prevent further fund movement and conducted an investigation. The stolen funds were recovered due to an emergency governance vote that allowed the forced liquidation of the attacker's wallet. This response was facilitated by security partners HExagate and Hypernative, who flagged the suspicious activity quickly, prompting the immediate actions. The victim, Kuan Sun, praised the collaborative efforts behind the recovery, stating that it turned a potential disaster into a success. The attackers had exploited a malicious Zoom client to gain unauthorized access and control over the victim's account, allowing them to drain assets. SlowMist's subsequent analysis confirmed the connection to the Lazarus Group, known for previous significant crypto thefts.

Source 🔗