BSV
$53.15
Vol 30.69m
-1.35%
BTC
$95348
Vol 42412.37m
-1.7%
BCH
$444.07
Vol 339.15m
-1.55%
LTC
$100.28
Vol 807.91m
0.44%
DOGE
$0.31
Vol 4735.22m
-3.51%
Getting your Trinity Audio player ready...

How did it happen?

It began when the Yearn team announced that they noticed an exploit in the Yearn DAI vault.

Hours later, a Yearn core developer that goes by Banteg, followed up by specifying the exact damage done in the attack; the attacker was able to pocket $2.8 in stolen funds from the exploit and Yearn’s Dai vault sustained a total loss of $11 million.

The exploit happened by way of flash loan attack, a method that we typically see used when it comes to DeFi exploits.  

“In a nutshell, someone deposited a bunch to Curve 3pool to manipulate DAI price given by the pool,” said Curve CEO Michael Egorov, “[Yearn’s] vault somehow was relying on the DAI price given by this pool. Then the contract withdrew after the attack. And repeated many times taking flash-borrowed funds.”

Although the attacker was able to successfully execute the attack, Yearn’s security team was able to mitigate the overall damage by intervening midway through the exploit. 

“Acting in roughly 11 minutes, Yearn’s security team and multi-sig wallet signers were able to stop the exploit while it was underway, saving 24m DAI out of the vault’s total 35m DAI deposits,” said Yearn in their post-mortem report.

Next steps

Yearn has not announced any next steps, recompensation, or insurance plan for Yearn users that suffered losses due to the exploit; however, Tether CTO Paolo Ardoino says that Tether has frozen 1.7M USDT connected to the Yearn exploit.

The Yearn Finance exploit is the first of what will most likely be many DeFi exploits that take place this year. In 2020, 17 major DeFi hacks took place that resulted in a total of $154 in lost funds.

Recommended for you

Who wants to be an entrepreneur?
Embodying the big five personality traits could be beneficial for aspiring entrepreneurs, but Block Dojo shows that there is more...
December 20, 2024
UNISOT, PSU China team up for supply chain business intelligence
UNISOT revealed a new partnership with business intelligence and research firm PSU China, which will combine its data with UNISOT's...
December 20, 2024
Advertisement
Advertisement
Advertisement