Yearn Finance reported {that a} legacy yETH product was hit by an exploit that allowed an attacker to mint a large quantity of faux tokens and swap them for actual property.
In keeping with on-chain alerts and protocol statements, the attacker created a near-infinite provide of yETH in a single transaction, then used these tokens to drag ETH and liquid-staking derivatives from liquidity swimming pools.
The incident was first flagged on November 30, 2025, and the whole influence has been reported at roughly $9 million.
#PeckShieldAlert Yearn Finance @yearnfi suffered an assault leading to a complete lack of ~$9M.
The exploit concerned minting a near-infinite variety of yETH tokens, depleting the pool in a single transaction.
~1K $ETH (price ~$3M) was despatched to #TornadoCash, whereas the exploiter’s… pic.twitter.com/IXNygpwoWa
— PeckShieldAlert (@PeckShieldAlert) December 1, 2025
How The Exploit Labored
Primarily based on reports, the attacker took benefit of a flaw within the yETH minting logic and produced tokens on the order of 235 trillion in a single go.
These nugatory tokens have been then swapped for actual property from Balancer and Curve swimming pools tied to the product, emptying liquidity in minutes. Chain screens and safety researchers confirmed the mint and subsequent swaps unfolding in a short time on the blockchain.
At 21:11 UTC on Nov 30, an incident occurred involving the yETH stableswap pool that resulted within the minting of a considerable amount of yETH. The contract impacted is a customized model of well-liked stableswap code, unrelated to different Yearn merchandise. Yearn V2/V3 vaults should not in danger.
— yearn (@yearnfi) December 1, 2025
What Property Have been Taken
Experiences have disclosed that roughly $8 million was pulled from the primary yETH stable-swap pool, whereas about $0.9 million was taken from a yETH–WETH pool.
As well as, roughly 1,000 ETH—valued at about $3 million on the time of motion—was despatched to Twister Money in makes an attempt to obscure the path. The attacker transformed pretend yETH into a mixture of ETH and liquid staking tokens earlier than making an attempt to launder funds.
Influence On Yearn’s Core Merchandise
In keeping with Yearn officers and follow-up protection, the breach was restricted to an older, legacy implementation of the yETH product and didn’t have an effect on Yearn’s foremost V2 and V3 vaults.
Deposits into the affected pool have been remoted whereas the group and out of doors consultants started an investigation. This isolation is alleged to have saved the majority of consumer funds in lively vaults from being touched.
Market Response And Wider Considerations
Crypto markets noticed promoting strain because the information unfold, with merchants weighing the chance that comes from combining liquid staking tokens with customized swap code.
Yearn Finance stated it’s working with outdoors safety groups to run a autopsy and to patch the vulnerability. Primarily based on experiences, groups named in protection embrace exterior auditors and blockchain investigators who’re monitoring the stolen funds and advising on restoration choices.
The protocol’s discover warned customers in regards to the affected legacy product and urged warning whereas the evaluate continues.
Featured picture from Unsplash, chart from TradingView
