Avg attacker reconnaissance time for peer-class protocols

Venus Protocol's assessment for RD-F-163 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

March 2026 THE attack: attacker conducted approximately 270 days (9 months) of patient accumulation from June 2025 to March 2026 — the longest documented pre-strike reconnaissance window among M3a batch protocols. The 270-day window exceeds the USPD-class benchmark (78 days) by 3.5x. The accumulation was publicly visible on-chain throughout but no monitoring system flagged it (per BlockSec post-mortem). February 2025 ZKSync attack: same vector, reconnaissance timeline not publicly confirmed. Historical peer-class lending protocol average: 30–78 days. Venus's threat profile includes sophisticated actors capable of extended, low-signature reconnaissance far exceeding peer-class averages.

Sources #

URL
Venus Protocol Hit By $3.7M Flash Loan Attack: Hacker Prepared For 9 Months — MEXC Bloghttps://blog.mexc.com/news/venus-protocol-hit-by-3-7m-flash-loan-attack-hacker-prepared-for-9-months/retrieved 2026-04-28
URL
Venus Thena (THE) Incident: What Broke and What Was Missed — BlockSechttps://blocksec.com/blog/venus-thena-donation-attackretrieved 2026-04-28

Methodology #

Report the average number of days of attacker reconnaissance activity before a strike on peer-class protocols (lending/DEX/bridge/perps), sourced from the hack database.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol venus factor RD-F-163 score yellow collected_at 2026-04-28 18:30:49