Gate News, March 15 — According to on-chain analyst Yu Jin, an address that received 7,400 ETH from Tornado (suspected hacker) led tonight’s collateral liquidation events of CAKE and THE, resulting in approximately $2.15 million in liquidation losses on Venus ($1.18 million CAKE + $1.84 million THE). This address obtained about $5.07 million in funds from Venus (2,172 BNB + 1.516 million CAKE + 20 BTC).
The specific process is as follows: 1) The address received 7,400 ETH from Tornado at 0x7a7…234, then deposited into Aave to borrow $9.92 million (including USDT, DAI, USDC), and transferred to multiple wallets to buy THE; 2) Around 8 PM tonight, the address allegedly pumped THE price on a certain CEX, then deposited 36.1 million THE into Venus via two wallets, borrowing assets like BTC, BNB, and CAKE; 3) Forty minutes later, THE price plummeted, and the collateral on Venus was liquidated, pushing THE’s price further down. Ultimately, the collateral in both wallets was fully liquidated, but about $2.15 million in debt remained unpaid, creating a shortfall on Venus.
Analysis suggests that the address borrowed $9.92 million on-chain and lent out assets worth $5.07 million on Venus. From an on-chain perspective, there’s no profit, leading to suspicion that the address manipulated THE’s decline through liquidations to profit from positions on a certain CEX.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Hackers Exploit Obsidian Plugin to Spread PHANTOMPULSE Trojan with Blockchain C2
Elastic Security Labs revealed that threat actors impersonated venture capital firms on LinkedIn and Telegram to deploy a Windows RAT named PHANTOMPULSE, using Obsidian note vaults for attacks, which Elastic Defend successfully blocked.
GateNews1m ago
Zerion Hot Wallet Loses $100K in AI-Driven Social Engineering Attack by North Korea-Linked Hackers
Zerion confirmed a recent AI-driven social engineering attack by North Korean hackers, resulting in a $100,000 loss from corporate hot wallets. User funds remain safe, and the company has taken precautionary measures. This follows another significant attack on Drift Protocol.
GateNews15m ago
CoW Swap Pauses Protocol After DNS Hijacking Drains at Least $1M in User Funds
CoW Swap suspended its protocol after DNS hijacking redirected users to a fraudulent site, resulting in over $1 million in crypto theft. The incident led to precautionary actions and user warnings, while security measures were implemented.
GateNews2h ago
Lattice Announces Shutdown: Redstone Will Close on May 16, Users Must Withdraw by the Deadline
Gaming infrastructure developer Lattice announced it will shut down on May 15 and reminded users to withdraw their funds. After the shutdown, contract funds cannot be withdrawn through L1 contracts; only funds in personal wallets can be recovered. Over the past five years, Lattice has failed to realize its business model and ultimately decided to close, but its MUD framework and DUST game will continue to run.
MarketWhisper3h ago
User Loses $316K USDC After Signing Malicious Permit2 Transaction, GoPlus Warns
A user lost $316,000 in USDC due to a malicious Permit2 transaction, highlighting vulnerabilities in token approval mechanisms. GoPlus Security urges users to avoid phishing by following key security practices and installing its protective extension.
GateNews5h ago
Cow Protocol suffers a DNS hijacking; users must immediately revoke permissions
Cow Swap, a DEX aggregation platform built by Cow Protocol, suffered DNS hijacking on April 14. The attacker tampered with domain name records, redirecting user traffic to a spoofed website, and deployed a wallet-draining script. Cow DAO immediately paused the service and advised users to revoke approvals. This incident did not affect the protocol’s smart contracts, but users should remain alert to related risks and verify their transaction records.
MarketWhisper5h ago
