Yearn Finance reported {that a} legacy yETH product was hit by an exploit that allowed an attacker to mint a large quantity of faux tokens and swap them for actual property.
In accordance with on-chain alerts and protocol statements, the attacker created a near-infinite provide of yETH in a single transaction, then used these tokens to drag ETH and liquid-staking derivatives from liquidity swimming pools.
The incident was first flagged on November 30, 2025, and the full impression has been reported at roughly $9 million.
#PeckShieldAlert Yearn Finance @yearnfi suffered an assault leading to a complete lack of ~$9M.
The exploit concerned minting a near-infinite variety of yETH tokens, depleting the pool in a single transaction.
~1K $ETH (price ~$3M) was despatched to #TornadoCash, whereas the exploiter’s… pic.twitter.com/IXNygpwoWa
— PeckShieldAlert (@PeckShieldAlert) December 1, 2025
How The Exploit Labored
Primarily based on experiences, the attacker took benefit of a flaw within the yETH minting logic and produced tokens on the order of 235 trillion in a single go.
These nugatory tokens had been then swapped for actual property from Balancer and Curve swimming pools tied to the product, emptying liquidity in minutes. Chain displays and safety researchers confirmed the mint and subsequent swaps unfolding in a short time on the blockchain.
At 21:11 UTC on Nov 30, an incident occurred involving the yETH stableswap pool that resulted within the minting of a considerable amount of yETH. The contract impacted is a customized model of in style stableswap code, unrelated to different Yearn merchandise. Yearn V2/V3 vaults will not be in danger.
— yearn (@yearnfi) December 1, 2025
What Property Have been Taken
Reviews have disclosed that roughly $8 million was pulled from the primary yETH stable-swap pool, whereas about $0.9 million was taken from a yETH–WETH pool.
As well as, roughly 1,000 ETH—valued at about $3 million on the time of motion—was despatched to Twister Money in makes an attempt to obscure the path. The attacker transformed faux yETH into a mixture of ETH and liquid staking tokens earlier than trying to launder funds.
Influence On Yearn’s Core Merchandise
In accordance with Yearn officers and follow-up protection, the breach was restricted to an older, legacy implementation of the yETH product and didn’t have an effect on Yearn’s foremost V2 and V3 vaults.
Deposits into the affected pool had been remoted whereas the group and outdoors consultants started an investigation. This isolation is claimed to have stored the majority of person funds in energetic vaults from being touched.
Market Response And Wider Considerations
Crypto markets noticed promoting strain because the information unfold, with merchants weighing the chance that comes from combining liquid staking tokens with customized swap code.
Yearn Finance mentioned it’s working with outdoors safety groups to run a autopsy and to patch the vulnerability. Primarily based on experiences, groups named in protection embrace exterior auditors and blockchain investigators who’re monitoring the stolen funds and advising on restoration choices.
The protocol’s discover warned customers concerning the affected legacy product and urged warning whereas the assessment continues.
Featured picture from Unsplash, chart from TradingView
Supply hyperlink