Yearn Finance reported {that a} legacy yETH product was hit by an exploit that allowed an attacker to mint an enormous quantity of pretend tokens and swap them for actual property.
In line with on-chain alerts and protocol statements, the attacker created a near-infinite provide of yETH in a single transaction, then used these tokens to drag ETH and liquid-staking derivatives from liquidity swimming pools.
The incident was first flagged on November 30, 2025, and the overall affect has been reported at roughly $9 million.
#PeckShieldAlert Yearn Finance @yearnfi suffered an assault leading to a complete lack of ~$9M.
The exploit concerned minting a near-infinite variety of yETH tokens, depleting the pool in a single transaction.
~1K $ETH (price ~$3M) was despatched to #TornadoCash, whereas the exploiter’s… pic.twitter.com/IXNygpwoWa
— PeckShieldAlert (@PeckShieldAlert) December 1, 2025
How The Exploit Labored
Based mostly on studies, the attacker took benefit of a flaw within the yETH minting logic and produced tokens on the order of 235 trillion in a single go.
These nugatory tokens have been then swapped for actual property from Balancer and Curve swimming pools tied to the product, emptying liquidity in minutes. Chain displays and safety researchers confirmed the mint and subsequent swaps unfolding in a short time on the blockchain.
At 21:11 UTC on Nov 30, an incident occurred involving the yETH stableswap pool that resulted within the minting of a considerable amount of yETH. The contract impacted is a customized model of well-liked stableswap code, unrelated to different Yearn merchandise. Yearn V2/V3 vaults aren’t in danger.
— yearn (@yearnfi) December 1, 2025
What Property Have been Taken
Reviews have disclosed that roughly $8 million was pulled from the principle yETH stable-swap pool, whereas about $0.9 million was taken from a yETH–WETH pool.
As well as, roughly 1,000 ETH—valued at about $3 million on the time of motion—was despatched to Twister Money in makes an attempt to obscure the path. The attacker transformed pretend yETH into a mixture of ETH and liquid staking tokens earlier than making an attempt to launder funds.
Affect On Yearn’s Core Merchandise
In line with Yearn officers and follow-up protection, the breach was restricted to an older, legacy implementation of the yETH product and didn’t have an effect on Yearn’s foremost V2 and V3 vaults.
Deposits into the affected pool have been remoted whereas the workforce and outdoors consultants started an investigation. This isolation is claimed to have stored the majority of consumer funds in lively vaults from being touched.
Market Response And Wider Considerations
Crypto markets noticed promoting strain because the information unfold, with merchants weighing the danger that comes from combining liquid staking tokens with customized swap code.
Yearn Finance mentioned it’s working with exterior safety groups to run a autopsy and to patch the vulnerability. Based mostly on studies, groups named in protection embody exterior auditors and blockchain investigators who’re monitoring the stolen funds and advising on restoration choices.
The protocol’s discover warned customers in regards to the affected legacy product and urged warning whereas the assessment continues.
Featured picture from Unsplash, chart from TradingView
