Yearn Finance suffers exploit, says $2.8 million stolen by attacker out of $11 million loss

DeFi platform Yearn.Finance said Thursday that one of its pools of funds had been exploited, resulting in the loss of $2.8 million.

"We have noticed the v1 yDAI vault has suffered an exploit. The exploit has been mitigated," the project's official Twitter account said. Yearn.Finance is a so-called yield aggregator, through which users can deposit funds in pools — or vaults — which are then deployed to other DeFi protocols in an effort to generate yields for those depositors.

One of Yearn's core developers later shared details about the exploit on Twitter:

 

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Stani Kulechov, the founder of DeFi platform Aave, later tweeted out the transaction at the heart of the exploit, involving numerous DeFi protocols and more than $5,000 worth of ETH-denominated gas fees.

"Complex exploit with over 160 nested transactions and 8,6 mm gas used (around 75% of the block) resulted to 2.7 mm USD loss," Kulechov wrote.

This story is developing and will be updated as more information becomes available.