3 - 5 minute read
A recent hack discovered by blockchain security firm PeckShield allowed the exploiter to mint over 1 quadrillion Yearn Tether (yUSDT), amounting to $11.6 million worth of stablecoins. The hacker managed to swap yUSDT to other stablecoins and transfer 1,000 Ether, worth almost $2 million, to the sanctioned cryptocurrency mixer Tornado Cash.
It is not the first time decentralized finance (DeFi) has experienced such hacking problems. According to the quarterly report of blockchain security firm CertiK, more than $320 million were lost to hacks in the first quarter of 2023, which is much lower compared to 2022’s first quarter where $1.3 billion were lost and in the fourth quarter where $950 million were lost to hacks. The platform where the hack happened, Yearn Finance, made a statement that the issue was in iearn, an outdated contract before Vaults V1 and V2, and the current Yearn Finance contracts and protocols are not affected by the exploit.
The fact that the DeFi space still struggles with hacking issues can lead investors to be wary of investing their money. The hacker managed to take hold of almost $12 million worth of stablecoins, which, if not addressed, could lead to a decrease in trust towards Yearn Finance and DeFi in general. It is also concerning that the hacker managed to transfer funds to the sanctioned cryptocurrency mixer Tornado Cash without getting caught. The reputable blockchain security firm PeckShield pointed an alarm in Aave and Yearn Finance to inform them about the situation, allowing them to take appropriate action.
The hack that happened in Yearn Finance serves as a reminder to investors that the DeFi space still holds risks. It is important to note that the current Yearn Finance contracts and protocols are not affected by the exploit. However, the possibility of similar hacks can make investors think twice about investing their money in DeFi platforms that have been previously hacked. For traders, it is important to always do their due diligence and research investments thoroughly, assessing potential risks and opportunities.
The loss of today's @iearnfinance yUSDT hack is ~$11.6m.
— PeckShield Inc. (@peckshield) April 13, 2023
As mentioned earlier, the hacker exploits a bug in the misconfigured yUSDT – https://t.co/sYuEuiBhAo – to mint extremely huge amount of yUSDT (1,252,660,242,212,927.5) from a small $10K USDT. Next, the minted yUSDT is… https://t.co/Qz3vwtbcot pic.twitter.com/UZf3TJNPMu
The Bottom Line
The hack in Yearn Finance reminds investors that the DeFi space is not immune to hacking issues. While the current Yearn Finance contracts and protocols are not affected by the exploit, it remains crucial for traders to do their due diligence when investing in DeFi platforms. The possible risks and opportunities should always be assessed thoroughly before making an investment decision.