...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.
Created by Molly White. Subscribe to her newsletter for weekly recaps.
Ultimately, facing being outvoted, the attacker dumped their MFAM holdings and the proposal was canceled as their balance had fallen below the proposal threshold.
This was only the most recent of Moonwell's troubles after the protocol suffered a $1.78 million loss in February due to an oracle misconfiguration and a $3.7 million loss in November 2025.
While the exploit left the Venus Protocol with over $2 million in bad debt, it's not clear if the attacker even made money from the exploit. The exploiter's position was ultimately liquidated, collapsing the increase in THE price. However, it's possible the exploiter took advantage of the price discrepancy elsewhere to profit.
The Venus Protocol has had a number of issues in the past — notably in June 2023, when the team developing the BNB Chain had to intervene when the a thief borrowed $150 million on Venus against stolen tokens and then faced liquidation.
BlockFills was backed by investors including Susquehanna and CME Ventures.
Chaos Labs, presumably embarrassed to have lived up to its name, promised to reimburse users whose positions were improperly liquidated.
The attacker was able to manipulate the oracle price to show that USTRY was priced at $100 (rather than its actual trading price of around $1.05). Then, they borrowed against the overvalued asset, withdrawing XLM and USDC priced at $10.2 million. However, around 48 million of the stolen XLM (~$7.2 million) were frozen.
This is the second time Moonwell has suffered a loss thanks to an oracle misconfiguration. In November 2025, the platform was left with almost $3.7 million in bad debt after a different asset was mispriced.
Although the vulnerable pull requests were at least partially developed by an AI tool, the security auditor who initially attributed the vulnerability to Claude Opus 4.6 later softened his criticism, noting that even senior developers could have made the same mistake. He did, however, criticize the project for a lack of sufficiently rigorous testing that should have caught the issue.
Platforms limiting or halting withdrawals — particularly lending platforms — is reminiscient of the 2022 crypto crash, when falling crypto prices exposed crypto firms that had been engaging in highly risky or sometimes illegal behavior. As crypto prices fell, firms were unable to meet their loan obligations or faced margin calls, and the tightly interconnected web of lending within the crypto ecosystem often meant that one company failure cascaded into multiple more. It remains to be seen whether this is an isolated incident or the beginning of a trend as crypto prices hit revisit price lows not seen in over a year.
BlockFills claims to have more than 2,000 institutional clients globally, and boasted of facilitating more than $61 billion in transactions in 2025. The company's backers include Susquehanna Capital and CME Ventures.
The project disclosed the theft, describing the exploit as affecting "some deprecated contracts". They downplayed the theft, saying they'd bought back the stolen assets using treasury funds.
Abracadabra previously suffered a $13 million theft in March 2025, and a $6.5 million theft in January 2024.
Hyperdrive paused all markets while investigating the vulnerability, and patched the bug. They also compensated those who had lost money in the exploit.
Venus paused the protocol as they investigated the theft. The project then proposed a vote to force liquidation of the attacker's wallet and recover the stolen funds.
No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.
