Getting your Trinity Audio player ready...

How did it happen?

It began when the Yearn team announced that they noticed an exploit in the Yearn DAI vault.

Hours later, a Yearn core developer that goes by Banteg, followed up by specifying the exact damage done in the attack; the attacker was able to pocket $2.8 in stolen funds from the exploit and Yearn’s Dai vault sustained a total loss of $11 million.

The exploit happened by way of flash loan attack, a method that we typically see used when it comes to DeFi exploits.  

“In a nutshell, someone deposited a bunch to Curve 3pool to manipulate DAI price given by the pool,” said Curve CEO Michael Egorov, “[Yearn’s] vault somehow was relying on the DAI price given by this pool. Then the contract withdrew after the attack. And repeated many times taking flash-borrowed funds.”

Although the attacker was able to successfully execute the attack, Yearn’s security team was able to mitigate the overall damage by intervening midway through the exploit. 

“Acting in roughly 11 minutes, Yearn’s security team and multi-sig wallet signers were able to stop the exploit while it was underway, saving 24m DAI out of the vault’s total 35m DAI deposits,” said Yearn in their post-mortem report.

Next steps

Yearn has not announced any next steps, recompensation, or insurance plan for Yearn users that suffered losses due to the exploit; however, Tether CTO Paolo Ardoino says that Tether has frozen 1.7M USDT connected to the Yearn exploit.

The Yearn Finance exploit is the first of what will most likely be many DeFi exploits that take place this year. In 2020, 17 major DeFi hacks took place that resulted in a total of $154 in lost funds.

Recommended for you

Indonesia wages war against extremism, charts digital skies
Indonesia is stepping up with digital tools to curb online extremism while also embracing AI to modernize and transform its...
September 16, 2025
DMAP hosts 10th DigiCon to tackle personalization, customer engagement in ‘The Age of ‘i’’
DMAP hosts DigiCon 2025 on October 16-17, where experts will unlock strategies in AI and personalization to redefine customer engagement...
September 16, 2025
Advertisement
Advertisement
Advertisement