Cyvers added:
“The stolen funds are currently held in the attacker’s contract and remain unswapped.”
While the scale of the loss initially raised fears of a protocol-level exploit, experts emphasized that Venus itself had not been compromised.
He added that while the Venus smart contracts remain unaffected, the possibility of a hijacked frontend cannot be dismissed.
Xian also suggested the victim may have been targeted through a poisoning attack designed to compromise their computer.
According to him, the hacker demonstrated planning and sophistication, using complex funding sources, including gas fees routed through Monero exchanges.
He added:
“The large holder and we are coordinating, many details will not be expanded for now, and the actual loss is not accurate either, it may not have exceeded $20 million.”
