Big if true! “Venus Protocol left $500mm of customer funds vulnerable to hack while refusing to pay promised $1m bounty to security researcher who helped team save funds.” As far as I understand, the attack is very similar to the Mango DAO exploit where the attacker amasses illiquid collateral, drives the price up to fake levels, and then deposits the collateral on the lending platform to withdraw all the TVL. In this case the collateral was XVS, the Venus token. The exploiter had accumulated around $5m worth of the token on markets and was accumulating more to corner the market. One sufficiently cornered, he would deposit it to Venus lending protocol, then use several million dollars in buys to drive up Binance price and other oracle prices, inflating the value of his collateral to a totally fake number (>$1b), and withdraw all the collateral from XVS. The difference is Mango DAO used offsetting futures positions while the Venus exploit was purely spot-driven on a lending market. Evidence below. 😳😳😳(Vladimir S. | Officer's Notes)