Yearn Finance yETH Hack: Stolen Funds Exceed $11.5 Million
- Lyla Velez
- December 1, 2025
- News
- 0 Comments
- Yearn Finance’s yUSDT vault exploited, significant financial impact.
- Attacker laundered funds using Tornado Cash.
- Community reassured the situation is under investigation.
Yearn Finance’s yETH vault suffered a substantial hack, resulting in over $11.5 million in stolen funds. The incident occurred through a vulnerability, allowing the attacker to misuse yUSDT vault contracts.
The hack showcases vulnerabilities in DeFi protocols, raising concerns about security and the integrity of smart contracts within the ecosystem.
The Yearn Finance protocol was exploited through a contract misconfiguration, prompting the attacker to mint a large quantity of yUSDT tokens. Using minimal USDT, these tokens were converted into various stablecoins like DAI, USDC, and TUSD.
Key contributors, including security researchers, have been raising awareness about the risks of legacy contracts. While the total value locked (TVL) in affected vaults dropped drastically, other Yearn Finance vaults remained unaffected.
As per on-chain data, the attacker managed to swap the minted tokens and launder funds through Tornado Cash, a mixing service. This incident emphasizes ongoing regulatory issues around such platforms used for concealing fund routes.
Historically, DeFi has faced similar scenarios where smart contract vulnerabilities led to substantial fund losses. Yearn Finance’s focus turns to enhancing security measures and safeguarding its ecosystem against such threats in the future.
Yearn v2 vaults seem not to be impacted. Yearn contributors are investigating. Further comms to follow on main account.
— Storming0x, Security Researcher, Yearn Finance
| Disclaimer: The content on nftenex.com is provided for informational purposes only and should not be considered financial or investment advice. Cryptocurrency investments carry inherent risks. Please consult a qualified financial advisor before making any investment decisions. |
