Getting your Trinity Audio player ready...

How did it happen?

It began when the Yearn team announced that they noticed an exploit in the Yearn DAI vault.

Hours later, a Yearn core developer that goes by Banteg, followed up by specifying the exact damage done in the attack; the attacker was able to pocket $2.8 in stolen funds from the exploit and Yearn’s Dai vault sustained a total loss of $11 million.

The exploit happened by way of flash loan attack, a method that we typically see used when it comes to DeFi exploits.  

“In a nutshell, someone deposited a bunch to Curve 3pool to manipulate DAI price given by the pool,” said Curve CEO Michael Egorov, “[Yearn’s] vault somehow was relying on the DAI price given by this pool. Then the contract withdrew after the attack. And repeated many times taking flash-borrowed funds.”

Although the attacker was able to successfully execute the attack, Yearn’s security team was able to mitigate the overall damage by intervening midway through the exploit. 

“Acting in roughly 11 minutes, Yearn’s security team and multi-sig wallet signers were able to stop the exploit while it was underway, saving 24m DAI out of the vault’s total 35m DAI deposits,” said Yearn in their post-mortem report.

Next steps

Yearn has not announced any next steps, recompensation, or insurance plan for Yearn users that suffered losses due to the exploit; however, Tether CTO Paolo Ardoino says that Tether has frozen 1.7M USDT connected to the Yearn exploit.

The Yearn Finance exploit is the first of what will most likely be many DeFi exploits that take place this year. In 2020, 17 major DeFi hacks took place that resulted in a total of $154 in lost funds.

Recommended for you

African blockchain startups outpaced VC landscape in 2024: report
Meanwhile, African leaders are calling for blockchain to be among the technologies in focus at the first G20 Leaders’ Summit...
July 11, 2025
Thailand, China on alert over illegal ‘crypto’ sites, schemes
Thailand steps up its cybersecurity with WebD, an AI-based system targeting illicit sites; meanwhile, China warned the public over fake...
July 11, 2025
Advertisement
Advertisement
Advertisement