Coingradient

Cryptocurrencies, blockchain, NFT and new trends

Yearn Finance Suffers Flash Loan Exploit, Is Aave Also Impacted?

DeFi platform Yearn Finance has suffers a flash loan attack, with millions of funds withdrawn by the hacker. The exploit is concentrated on Aave V1 liquid protocol, blockchain security firm PeckShield reported on Thursday. Yearn security team is aware of the issue and working on a fix.

PeckShield in a subsequent tweet revealed that the root cause is likely due to the misconfigured yUSDT, which is exploited to mint huge yUSDT (approx. 1,252,660,242,212,927.5) from just $10K USDT. The huge yUSDT is then cashed out by swapping to other stablecoins. However, it needs to be confirmed if Aave has any role in the hack.

Beosin Alert noted that the total loss in the Yearn Finance hack is nearly $11,539,783. The blockchain security platform also reported the wallets having the most stolen funds from Yearn Finance. It also confirmed withdrawals of 996k USDC, 570k DAI, and 241k USDT from Aave Lending Pool Core V1.

Live Cryptocurrency Prices, charts and portfolio

CRV Price Prediction: Curve Dao Token Price Could Rally 22% if Buyers Break this Key Barrier24/7 Cryptocurrency News Top 3 Altcoins to Invest in the Coming Bull Run of 202324/7 Cryptocurrency News NEAR Price Prediction: Bullish Pattern Setup Bolsters Near Protocol Coin Price for 40% Rally24/7 Cryptocurrency News XRP Price Prediction: This Bearish Pattern Puts XRP Price for 6-12% Downside Risk24/7 Cryptocurrency News 3 Reasons Why Apecoin Price May Witness Explosive Growth in 202324/7 Cryptocurrency News Track Crypto Ad

Hackers grabbed nearly $11.6 million worth of stablecoins, including 61K USDP, 1.5 million TUSD, 1.8 million BUSD, 1.2 million USDT, 2.58 million USDC, and 3 million DAI. The hackers transferred 1.5 million TUSD to AAVE, and borrowed 634 ETH from AAVE. They then swapped some stablecoins for 600 ETH, with 1,000 ETH already transferred into Tornado Cash.

Aave Not Impacted By Yearn Finance Hack

Crypto researcher Samczsun claimed that Yearn Finance’s version of USDT, called yUSDT, has been broken since it was deployed around three years ago. He said it was “misconfigured to use the Fulcrum iUSDC token instead of the Fulcrum iUSDT token.”

Aave team confirmed that the Aave V1 protocol was used but is not impacted by the hack. Aave CEO Stani Kulechov took to Twitter to confirm this.

Источник