Scan to Download Gate App

More Download Options

Don't remind me again today

Yearn suffered a hacker attack, losing nearly 9 million USD, and the yETH stable pool was maliciously minted.

PriceOracleFairy

2025-12-01 04:43:02

Abstract generation in progress

[Coin World] Yearn was hit pretty hard this time. On the night of the 30th of last month, around 9 PM, hackers targeted their yETH stable pool and crazily minted coins using their own written contract, directly taking away about 8 million dollars. Worse, the yETH-WETH pool on Curve was also affected, resulting in a loss of around 900,000.

However, the good news is that the impact has been contained—those problematic codes are independent from other products, and the V2 and V3 Vaults are fine. The Yearn team mentioned that this attack method is quite complex and somewhat similar to the previous incident with Balancer.

Now they have brought in auditing big names like SEAL911 and ChainSecurity to investigate, and a more detailed incident analysis report is expected to come out later.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

18 Likes

Reward
18
8
Repost
Share

Comment

0/400

GreenCandleCollector

· 12-01 07:28

Another major project has been exploited, how could Yearn be so careless this time? 9 million dollars just disappeared like that, what was the audit doing? I believe in the claim that the contract is independent, but I'm afraid there are more pitfalls ahead. Curve also got caught in the crossfire, the ecological risk really cannot be avoided. This kind of complex attack method is truly disgusting, hackers are so creative. With SEAL911 and ChainSecurity on the case, we can rest assured, but we have to wait for the analysis report. This is actually the norm in DeFi, no matter how fancy the protocol is, it can't prevent this. Can we still use the yETH stable pool in the future? At least it didn't spread to V2V3, otherwise the entire ecosystem would have to be firefighting.

View OriginalReply0

FOMOSapien

· 12-01 05:11

9 million USD just disappeared, yETH has really hit rock bottom this time. --- Once again, something went wrong with the stable pool; the security of DeFi really needs to be closely examined. --- The Yearn team responded quite quickly, the isolation was done well; if it weren't for that, they might have lost even more. --- The contract minting method is truly clever; no wonder they say the techniques are complex, it's certainly a valuable insight. --- It's good that V2V3 are fine; otherwise, the entire Yearn might have been finished. --- With SEAL911 and ChainSecurity together, this report should contain some valuable insights. --- 8 million USD, hackers make much more profit from this business than from mining. --- I feel that the security audits in DeFi are still not strict enough; they only react after incidents occur. --- The Curve pool has also been affected; cross-protocol risks are indeed hard to guard against. --- After the incident with Balancer, another one has happened; these hackers are really studying vulnerabilities.

View OriginalReply0

EthMaximalist

· 12-01 05:07

9 million gone just like that? Yearn's security audit needs some serious reflection --- Another contract vulnerability, how can we move forward in DeFi? --- Luckily, the isolation was thorough enough, otherwise the whole ecosystem would be finished --- After Balancer, they can still repeat the same mistakes; the audit team should also check themselves --- Running off with 8 million USD, that hacker's method is indeed ruthless --- V2V3 was spared; it seems Yearn is quite lucky --- This matter needs to wait for the SEAL911 report; the pit seems deeper than expected --- Even stable pools can be affected, the code quality really has issues

View OriginalReply0

ETH_Maxi_Taxi

· 12-01 05:05

Another stable pool has crashed, how could Yearn be so careless this time? DeFi is really deep water; every time you have to pay tuition. 9 million just vanished like that. The hacker's technique is indeed remarkable. Curve also got caught in the crossfire; how were these two pools audited before? Fortunately, V2V3 is fine; otherwise, it would have been completely over. Balancer should have learned a lesson from that time, but they still fell for it. Let's wait for the audit report; it will definitely be some fancy contract vulnerability.

View OriginalReply0

MoonMathMagic

· 12-01 05:04

Another eight million is gone, this DeFi is really nerve-wracking. --- Is Yearn also unable to hold on now? When will the contract vulnerabilities be completely resolved? --- What happened to the promised audits? There are still too many black holes unaddressed. --- Fortunately, V2V3 is fine; otherwise, it would be a complete disaster. --- Is this trap the same as the one with Balancer? It feels like this type of attack needs to be taken seriously. --- Nine million just disappeared like that; let's see who will compensate. --- Yearn needs to reassess the entire structure; if this continues, user confidence will collapse. --- Stable pools are being minted; I need to learn this operation... just kidding. --- SEAL911 and ChainSecurity have taken action; looking forward to their report to catch the real culprit.

View OriginalReply0

PseudoIntellectual

· 12-01 05:03

Yearn has been hacked again, this time losing 9 million, ridiculous, brother. Yearn really needs to reflect on this, the frequency is a bit high. Minting attacks are really hard to guard against, there are indeed loopholes in contract audits. 8 million just disappeared like that, I just want to know if the insurance will compensate. Curve has also been affected, this on-chain risk is really everywhere. Fortunately, it’s independent code, otherwise, a total explosion would be even more ridiculous. Balancer had that incident before, and now Yearn is coming again, why are these DeFi protocols always targeted? ChainSecurity and SEAL911 have both come, at least they took it seriously this time. With contracts, even if you audit it ten more times, it feels like new loopholes can still be found. Let's see the follow-up report, there should be something to learn. If even institutional-level projects can be hacked, how can retail investors survive? This is the cost of DeFi, decentralization means you have to bear this risk.

View OriginalReply0

GasWaster69

· 12-01 04:56

9 million just disappeared like that, Yearn is really a bit disappointing this time --- Even the stable pool can be attacked by minting, what is the audit for? --- Fortunately, it didn't affect V2 and V3, otherwise it would have really exploded --- Balancer hasn't learned from the last lesson, and now it's coming back for another round? --- Contracts are really like time bombs, no one can say for sure --- The hacker's method is really brilliant, it must take a lot of effort to come up with it --- Waiting for the report, feels like there are more details that haven't been disclosed --- DeFi has always been like this when something goes wrong, heavy losses and then audits --- SEAL911 needs to investigate carefully, this vulnerability is significant --- Curve has also been affected, incurring losses of over a million again.

View OriginalReply0

ZkProofPudding

· 12-01 04:53

DeFi has had another incident, 9 million just disappeared like that, smart contracts really need to be audited properly. --- Yearn's situation this time is a bit outrageous, how can such a basic minting vulnerability be exploited? --- Fortunately, it didn't affect other pools, otherwise Yearn would really face social death. --- To be honest, audits are just a joke, finding the pro to investigate after the fact is too late. --- Balancer should have learned a lesson from that time, but still got hacked, this industry is just like that. --- 8 million USD, the hacker's method is indeed complex, have to admit. --- V2V3 can still be salvaged, but user confidence is probably gone. --- Is it another permission issue or what? It always feels like Yearn loves to have strange problems. --- ChainSecurity checking is also a helpless situation, if you can't block it, you can only analyze it after the fact.

View OriginalReply0

Trending TopicsView More
#JoinGrowthPointsDrawToWiniPhone17
241.47K Popularity
#DecemberMarketOutlook
33.93K Popularity
#PostonSquaretoEarn$50
538 Popularity
#LINKETFToLaunch
5.65K Popularity
#SharingMy100xToken
5.31K Popularity

Hot Gate FunView More

1
小何CEO小何CEO
MC:$3.62KHolders:1
0.00%
2
OGPIPPINOGPIPPIN
MC:$3.63KHolders:1
0.00%
3
BONDXBONDX
MC:$3.74KHolders:2
0.54%
4
GBGB
MC:$3.7KHolders:2
0.00%
5
TanglipuMr.T
MC:$3.65KHolders:1
0.00%

Sitemap