HomeNewsEthereum's Aave & Yearn Finance Hit by $11M DeFi Exploit: Users on...

Ethereum’s Aave & Yearn Finance Hit by $11M DeFi Exploit: Users on Edge

- Advertisement -
  • Aave and Yearn Finance, two popular Ethereum DeFi protocols, reportedly exploited.
  • Potential damage from the exploit could exceed $11 million.

Two leading Ethereum decentralized finance (DeFi) protocols, Aave and Yearn Finance, have reportedly been targeted by an exploit, according to early reports from blockchain security firm PeckShield. The company addressed a tweet to Aave, requesting the verification of a specific transaction hash.

PeckShield suggests that DeFi aggregator Yearn Finance may have fallen victim to a flash loan attack. The exploit appears to target Aave V1, with damages potentially exceeding $11 million.

Investigating the Security Breach

Based on current information, LookOnChain indicates that the attacker obtained a mix of stablecoins from Yearn Finance and Aave, including 3,032,142 DAI, 2,579,483 USDC, 1,785,091 BUSD, 1,512,528 TUSD, and 1,193,756 USDT.

Aave responded to PeckShield’s tweet, stating that they are aware of the transaction and are investigating any potential impact on Aave V1, the oldest version of the protocol which has been frozen.

Marc Zeller, Head of Aave Integration, explained in a series of tweets that Aave V1 has been frozen since December 2022, meaning no user can deposit money or increase the credit amount, making issues unlikely but not impossible.

Upcoming Snapshot Vote and User Reassurance

Zeller mentioned that a snapshot vote would take place in a few hours for governance to decide on offboarding V1. Users can still repay and/or withdraw their funds from V1 via the traditional app. The current size of V1 is $18 million, while the Aave security module stands at $382.50 million.

In response to a query from a Twitter user, Zeller also confirmed that there is currently no known impact on Aave V2 and V3, stating, “To our current knowledge, zero.”

Yearn Finance’s yUSDT Issue

Samczsun, a pseudonymous crypto researcher from Paradigm, alleges that Yearn Finance’s version of USDT, called yUSDT, has been faulty since its inception approximately three years ago. He claims that it was misconfigured to use the Fulcrum iUSDC token instead of the Fulcrum iUSDT token.

Despite concerns about a potential dump due to the recent Shanghai hard fork, the ETH price at press time stood at $1,920, continuing its upward trajectory.

Disclaimer: ETHNews does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. Readers should do their own research before taking any actions related to cryptocurrencies. ETHNews is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned.
Godfrey Benjamin
Godfrey Benjamin
Godfrey Benjamin is an experienced crypto journalist whose primary goal is to educate everyone about the prospects of Web 3.0. His love for crypto was sparked during his time as a former banker when he recognized the clear advantages of decentralized money over traditional payments. Business Email: info@ethnews.com Phone: +49 160 92211628