Analysis: Venus Protocol's Largest User Suffers Targeted Attack Due to Wallet Extension Replacement

Analysts believe that while the high-profile investors used hardware wallets, the wallet extension on their computers was maliciously replaced, with the "redeemUnderlying" operation being tampered with as "updateDelegate," leading to the theft of assets. The hackers' funds were partially sourced from XMR exchanges and the sanctioned dark web exchange eXch.