News

Yearn Finance Hack: Exploiter Steals Millions In Flash Loan Attack

Key Points:

  • Attackers exploited a bug in the misconfigured yUSDT token to mint a large amount of yUSDT from a small amount of USDT, which was then swapped for other stablecoins.
  • The total value of the stolen stablecoins was approximately $11.6 million USD, including $USDP, $TUSD, $BUSD, $USDT, $USDC, and $DAI.
The Yearn Finance project, a decentralized finance (DeFi) platform, has reportedly been attacked by flash loans resulting in hackers profiting more than 10 million US dollars.

The attackers took advantage of a bug in the misconfigured yUSDT token to mint a large amount of yUSDT from a small amount of USDT. The total value of the stolen stablecoins was approximately $11.6 million USD.

According to PeckShield and Beosin EagleEye, two blockchain security and data analytics companies, all hacker addresses have been identified, and the flow of funds is being monitored.

According to Lookonchain, the exploit attacked the Yearn Finance project and made off with over $10 million in stablecoins, including:

  • 3,032,142 DAI,
  • 2,579,483 USDC,
  • 1,785,091 BUSD,
  • 1,512,528 TUSD,
  • 1,193,756 USDT.

Additionally, the yUSDT token in Yearn Finance has reportedly been misconfigured since its deployment over 1000 days ago, according to Samzcsun. Instead of using the Fulcrum iUSDT token, it was using the Fulcrum iUSDC token. This misconfiguration has caused the token to break.

As of now, PeckShield has revealed that the hacker exploits a bug in the misconfigured yUSDT. The attack was carried out by using a bug in the misconfigured yUSDT token to mint an extremely large amount of yUSDT from a small amount of USDT, which was then swapped for other stablecoins.

The total value of the stolen stablecoins was approximately $11.6 million USD, including $USDP, $TUSD, $BUSD, $USDT, $USDC, and $DAI. The exploiter supplied 1.5 million TUSD to AAVE and borrowed 634 ETH from AAVE. They also swapped part of the stolen stablecoins for approximately 600 ETH. The exploiter transferred 1,000 ETH into Tornado Cash.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Thana

Coincu News

Thana

I am a news editor at Coincu, where I produce daily editorial packages and manage the knowledge and review article sections. Before journalism, I earned a Bachelor's degree in Global Logistics and Supply Chain Management from Northampton University and studied news journalism at Press Association Training.

Share
Published by
Thana
Tags: Yearn FinanceYearn Finance AttackYearn Finance Hack
1 year ago

Recent Posts

Kraken May Drop USDT Due To Upcoming EU Rules: Report

Kraken may drop USDT in the EU due to upcoming MiCA regulations. Other exchanges adapt,…

3 hours ago

Rumor: zkSync Airdrop Imminent With Hint Of Token Launch

Rumor has it that zkSync, an Ethereum scaling solution, may drop a governance token soon.…

5 hours ago

Oklahoma Crypto Bill Passed, No Extra Taxes On Transactions Imposed

Oklahoma crypto bill OKHB3594 safeguards residents' rights to use and self-custody digital assets, legalizes home…

6 hours ago

Solana Tops CoinGecko’s TPS Rankings As The Fastest Blockchain: Report

Solana tops CoinGecko, boasting highest daily transactions per second (TPS). It outperforms Ethereum and Polygon,…

6 hours ago

Bitcoin’s Correlation With Technology Stocks Is Growing With Confidence About Interest Rates

Bitcoin's correlation with mainstream assets, like tech stocks, is on the rise, fueled by optimism…

8 hours ago

Binance Executive Now Stuck In Nigeria Because Court Denied Bail

The Federal High Court in Abuja has denied bail to Tigran Gambaryan, a senior Binance…

9 hours ago

This website uses cookies.