In the fast-moving world of crypto, even big players can fall for tricks. A major BNB holder, known as a “whale,” recently lost $13.5 million in a phishing scam. At first, people thought the Venus Protocol lending platform was hacked, but it turned out to be a personal wallet attack. Security experts link it to North Korean hackers, and teams are racing to recover the funds.
What Really Happened?
The trouble started when the BNB user clicked on a fake website that looked just like a real one. This let hackers get into their wallet and steal tokens worth $13.5 million. These were wrapped in Venus Protocol for USDT and USDC, which made some think the platform itself was hit. But Venus quickly said no—their system is fine, and other users’ money is safe. Security firm Cyvers checked and confirmed it was a classic phishing move, not a big hack.
How Phishing Tricks Work
Phishing is like a trap set by bad actors. They make sites that copy trusted ones, maybe with a tiny change in the web address. The victim thinks it’s okay and approves a transaction that sends their crypto away. Hakan Unal from Cyvers explained that these scams play on trust and rush, especially during exciting times like airdrops or new token launches. In this case, the user signed a bad deal, and boom—the funds were gone in a flash.
The North Korean Connection
Experts are pointing fingers at hackers from the Democratic People’s Republic of Korea, or DPRK. Danny Cooper from Venus said early checks show signs that match North Korean styles. This isn’t new; groups like Lazarus have stolen billions in crypto before, including a huge $1.4 billion from Bybit. Binance fights off these attacks every day. It reminds us that crypto threats can come from anywhere in the world.
Efforts to Recover the Funds
Right after the attack, Venus Protocol’s safety features kicked in and paused things to stop the hackers from moving more money. Now, PeckShield, Cyvers, and others are talking to the victim and working hard to get the cash back. They’ve fixed early reports that said the loss was $27 million—it’s half that after checking debts. But Cooper warns it’s not certain they’ll succeed. This event pushes everyone in crypto to use better security, like double-checking sites and using hardware wallets.