Following a recent phishing attack, the DeFi lending platform Venus Protocol managed to recover stolen assets and return them to their rightful owner. The protocol announced that $11.4 million worth of assets belonging to Kuan Sun, CEO of Eureka Trading and a major user, were successfully returned. Meanwhile, Nemo Protocol, another DeFi protocol built on the Sui network, became the target of a separate hacking attack, resulting in the theft of $2.4 million in stablecoins.
Assets Reclaimed in Venus Protocol Heist
On September 2, the incident unfolded when Kuan Sun lost nearly $13 million due to a malicious transaction he inadvertently signed through a fake Zoom client. The stolen funds, which included stablecoins such as USDT, USDC, and FDUSD, were transferred to the attacker’s wallet. Venus Protocol emphasized that its infrastructure was not directly targeted during the attack and halted transactions within 20 minutes to initiate an investigation.
The protocol reported that they identified the problem in less than 12 hours post-incident and managed to retrieve the lost funds. With the assistance of blockchain security firms PeckShield, Hexagate, and Hypernative Labs, a significant portion of the stolen assets was recovered through a forced liquidation of the attacker’s wallet, a move supported by community approval.
Since 2020, Venus Protocol has been operational on networks such as BNB Chain, Ethereum 
$3,094, opBNB, Arbitrum, Optimism, and zkSync. Users on the platform can deposit collateral, borrow funds, and generate VAI, a stablecoin. Despite a temporary drop in the value of its native XVS coin following the incident, it rebounded and was trading at $6.28 at the time of reporting, according to CoinMarketCap.
Nemo Protocol Falls Prey to Hacking Incident
The DeFi protocol, Nemo Protocol, built on the Sui network, was recently targeted in a hacking incident resulting in the theft of $2.4 million in stablecoins. Security firm PeckShield reported that the stolen USDC was transferred from Arbitrum to Ethereum following the attack.
On the morning of September 8, the Nemo team confirmed the attack to their community and announced that all smart contract operations were temporarily suspended. The protocol revealed that the market pool was the main target of the attack, though its vault assets remained secure. The technical cause of the incident has not yet been disclosed.
Nemo Protocol operates on the Sui network, focusing on yield infrastructure and yield tokenization within DeFi. It offers users opportunities for trading, hedging, or leveraged yield usage. Following the attack, investigations into the protocol’s security processes are ongoing.
