A trader on Venus Protocol, a popular decentralized finance lending platform, has suffered a devastating $13.5 million loss after falling victim to a phishing scam. Blockchain security firm PeckShield first reported the theft at $27 million but later revised the figure, clarifying that the trader’s debt position reduced the actual net loss.

The attack occurred when the victim unknowingly approved a malicious transaction, granting hackers access to their account. This allowed the attacker to drain stablecoins and wrapped assets from the wallet. Unlike a system flaw or protocol breach, the loss stemmed from user error after being tricked by fraudulent links disguised as legitimate.

Venus Protocol confirmed the incident on its official X account, stressing that its smart contracts remain secure. Still, as a precaution, the platform temporarily paused all operations while conducting a full-scale security review. “Right now, yes, that appears to be the case. We will keep everyone updated as we investigate,” the team stated, emphasizing that the suspension was a safety measure.

The case is part of a growing wave of crypto-related attacks at the start of September. On the same day, governance tokenholders of World Liberty Financial fell victim to a phishing exploit, while decentralized exchange Bunni suspended all activity after hackers exploited its Ethereum-based contracts, costing an estimated $2.3 million.

These incidents come on the heels of a brutal August for the industry, with hackers stealing more than $163 million across 16 separate attacks. Analysts warn that cybercriminals often intensify efforts during market upswings, targeting unsuspecting investors and platforms alike. As DeFi adoption expands, experts stress the urgent need for heightened user awareness and stronger security practices.