ExchangeDEX+
Buy CryptoMarketsSpotFutures500XEarnEvents
More
Gold Bar & BTC Giveaway2000g
The post Yearn hacker loses $2.4M of $9M loot as tokens burned from wallet appeared on BitcoinEthereumNews.com. Yearn Finance suffered a $9 million hack on Sunday evening, marking the long-established decentralized finance platform’s fifth incident in as many years.  The attack, which occurred just after 9pm UTC, hit the yield farm’s yETH stableswap pool, extracting various ether (ETH) liquid staking tokens (LSTs). Of these, 850 of Redacted Cartel’s LST, pxETH, (worth $2.4 million) was burned by the issuer, with an equivalent amount simultaneously minted to the team’s multisig. Read more: DeFi yield aggregator Yearn discloses September incident in yUSND vault An on-chain message warned the hacker of this possibility approximately eight hours earlier. It reads, “your erc20s are at risk of being burnt and/or blacklisted,” and advises to “deposit them to a pool or swap to ETH to prevent such happenings.” In addition to the earlier warning, the hacker’s address received two fake bounty offers. Later, a Yearn deployer address urged the attacker to “open a communication channel” for the purposes of “discussing terms constructively.” Read more: DeFi platform Yearn exploits itself, begs for money back Yearn’s third hack The hack was down to a combination of a “numerical bug: unchecked underflow/overflow” and an “invariant-management issue,” according to the post-mortem report published by Yearn’s pseudonymous “bunny talisman” Banteg. This led to the attacker minting 235e36 yETH tokens which it then used to withdraw the underlying LSTs. Banteg was keen to point out that yETH is separate to Yearn’s core vault products and “doesn’t share any code with vaults.” One observer pointed out the efficiency of the hack transaction, which covered the entire attack flow. They claim it “deployed attack contracts, conducted the attack, tornado cashed part of the profits, and self-destructed the contracts.” Launched in September 2023, it took over two years for someone to exploit the vulnerability in the yETH pool. Earlier that year, a yUSDT vault lost… The post Yearn hacker loses $2.4M of $9M loot as tokens burned from wallet appeared on BitcoinEthereumNews.com. Yearn Finance suffered a $9 million hack on Sunday evening, marking the long-established decentralized finance platform’s fifth incident in as many years.  The attack, which occurred just after 9pm UTC, hit the yield farm’s yETH stableswap pool, extracting various ether (ETH) liquid staking tokens (LSTs). Of these, 850 of Redacted Cartel’s LST, pxETH, (worth $2.4 million) was burned by the issuer, with an equivalent amount simultaneously minted to the team’s multisig. Read more: DeFi yield aggregator Yearn discloses September incident in yUSND vault An on-chain message warned the hacker of this possibility approximately eight hours earlier. It reads, “your erc20s are at risk of being burnt and/or blacklisted,” and advises to “deposit them to a pool or swap to ETH to prevent such happenings.” In addition to the earlier warning, the hacker’s address received two fake bounty offers. Later, a Yearn deployer address urged the attacker to “open a communication channel” for the purposes of “discussing terms constructively.” Read more: DeFi platform Yearn exploits itself, begs for money back Yearn’s third hack The hack was down to a combination of a “numerical bug: unchecked underflow/overflow” and an “invariant-management issue,” according to the post-mortem report published by Yearn’s pseudonymous “bunny talisman” Banteg. This led to the attacker minting 235e36 yETH tokens which it then used to withdraw the underlying LSTs. Banteg was keen to point out that yETH is separate to Yearn’s core vault products and “doesn’t share any code with vaults.” One observer pointed out the efficiency of the hack transaction, which covered the entire attack flow. They claim it “deployed attack contracts, conducted the attack, tornado cashed part of the profits, and self-destructed the contracts.” Launched in September 2023, it took over two years for someone to exploit the vulnerability in the yETH pool. Earlier that year, a yUSDT vault lost…

Yearn hacker loses $2.4M of $9M loot as tokens burned from wallet

By: BitcoinEthereumNews
2025/12/02 19:15
Ambire Wallet
WALLET$0.02163+2.12%
FINANCE
FINANCE$0.0002729-3.15%
Belong
LONG$0.003766-7.87%
Harvest Finance
FARM$20.16-1.94%
Ethereum
ETH$3,166.07-1.29%

Yearn Finance suffered a $9 million hack on Sunday evening, marking the long-established decentralized finance platform’s fifth incident in as many years. 

The attack, which occurred just after 9pm UTC, hit the yield farm’s yETH stableswap pool, extracting various ether (ETH) liquid staking tokens (LSTs).

Of these, 850 of Redacted Cartel’s LST, pxETH, (worth $2.4 million) was burned by the issuer, with an equivalent amount simultaneously minted to the team’s multisig.

Read more: DeFi yield aggregator Yearn discloses September incident in yUSND vault

An on-chain message warned the hacker of this possibility approximately eight hours earlier. It reads, “your erc20s are at risk of being burnt and/or blacklisted,” and advises to “deposit them to a pool or swap to ETH to prevent such happenings.”

In addition to the earlier warning, the hacker’s address received two fake bounty offers. Later, a Yearn deployer address urged the attacker to “open a communication channel” for the purposes of “discussing terms constructively.”

Read more: DeFi platform Yearn exploits itself, begs for money back

Yearn’s third hack

The hack was down to a combination of a “numerical bug: unchecked underflow/overflow” and an “invariant-management issue,” according to the post-mortem report published by Yearn’s pseudonymous “bunny talisman” Banteg.

This led to the attacker minting 235e36 yETH tokens which it then used to withdraw the underlying LSTs.

Banteg was keen to point out that yETH is separate to Yearn’s core vault products and “doesn’t share any code with vaults.”

One observer pointed out the efficiency of the hack transaction, which covered the entire attack flow. They claim it “deployed attack contracts, conducted the attack, tornado cashed part of the profits, and self-destructed the contracts.”

Launched in September 2023, it took over two years for someone to exploit the vulnerability in the yETH pool.

Earlier that year, a yUSDT vault lost $11 million after three years of activity. Meanwhile, back in 2021, a flash loan attack drained another $11 million from the DAI v1 vault, with the hacker profiting just $2.8 million.

Two operational mistakes have also cost the Yearn treasury.

A botched swap in December 2023 lost $1.4 million, and the treasury covered a $25,000 malfunction in the yUSND vault in September, announced last week.

Got a tip? Send us an email securely via Protos Leaks. For more informed news, follow us on X, Bluesky, and Google News, or subscribe to our YouTube channel.

Source: https://protos.com/yearn-hacker-loses-2-4m-of-9m-loot-as-tokens-burned-from-wallet/

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

US Dollar Index (DXY) hovers near multi-week low ahead of US PCE data

US Dollar Index (DXY) hovers near multi-week low ahead of US PCE data

The post US Dollar Index (DXY) hovers near multi-week low ahead of US PCE data appeared on BitcoinEthereumNews.com. The US Dollar Index (DXY), which tracks the Greenback against a basket of currencies, struggles to capitalize on the overnight bounce from its lowest level since late October and trades with a mild negative bias during the Asian session on Friday. The index is currently placed around the 99.00 mark, down less than 0.10% for the day, as traders now await the crucial US inflation data before placing fresh directional bets. The September US Personal Consumption Expenditure (PCE) Price Index will be published later today and will be scrutinized for more cues about the Federal Reserve’s (Fed) future rate-cut path. This, in turn, will play a key role in determining the next leg of a directional move for the Greenback. In the meantime, dovish US Federal Reserve (Fed) expectations overshadow Thursday’s upbeat US labor market reports and continue to act as a headwind for the buck. Recent comments from several Fed officials suggested that another interest rate cut in December is all but certain. The CME Group’s FedWatch Tool indicates an over 85% probability of a move next week. Furthermore, reports suggest that White House National Economic Council Director Kevin Hassett is seen as the frontrunner to become the next Fed Chair and is expected to enact US President Donald Trump’s calls for lower rates, which, in turn, favors the USD bears. Nevertheless, the DXY remains on track to register losses for the second straight week, and the fundamental backdrop suggests that the path of least resistance for the index remains to the downside. Hence, any attempted recovery is more likely to get sold into and remain limited. US Dollar Price Last 7 Days The table below shows the percentage change of US Dollar (USD) against listed major currencies last 7 days. US Dollar was the strongest against the Swiss…
Index Cooperative
INDEX$0.627-2.03%
NEAR
NEAR$1.784-4.90%
Multichain
MULTI$0.04159+0.31%
Share
BitcoinEthereumNews2025/12/05 13:43
SSP Stock Surges 11% On FY25 Earnings And European Rail Review

SSP Stock Surges 11% On FY25 Earnings And European Rail Review

The post SSP Stock Surges 11% On FY25 Earnings And European Rail Review appeared on BitcoinEthereumNews.com. SSP Group stock rebounded strongly today. (Photo Illustration by Pavlo Gonchar/SOPA Images/LightRocket via Getty Images) SOPA Images/LightRocket via Getty Images Shares in travel food retailer SSP Group rose sharply today after the company posted solid FY25 results, highlighting good growth in two of its four regional divisions, and a decision to review its under‑performing Continental European rail business. The food and beverage (F&B) company’s stock closed 11.3% up in London on the back of a revenue rise of 7.8% (at constant currency) to £3.6 billion ($4.8 billion) in the 12 months to September. Operating profit jumped by 12.7% to £223 million ($298 million). Under statutory IFRS reporting, however, operating profit fell 58% to £86 million, which SSP said in a statement “reflected £183 million of non‑underlying expenses and impairment charges.” The decision to review its rail business in Continental Europe—the biggest of the F&B giant’s four divisions by revenue at £1,205 million ($1,607 million)—was welcomed by the market, given its weak performance of 2% like-for-like (LFL) growth. A carrot was also dangled— a reward to shareholders arising from the July IPO of SSP’s Indian joint venture Travel Food Services (TFS) with K Hospitality, India’s largest privately held F&B company. SSP Group CEO Patrick Coveney said in a statement: “We acknowledge there is more to do to strengthen our operational performance, most notably in Continental Europe, where we have now reset our team, model, and balance sheet, and have a range of initiatives underway. In addition, we are launching a wide-ranging review of our rail business in Continental Europe. We are also considering options to realise value for our shareholders in line with the delivery of the TFS free float requirement.” SSP currently retains a 50.01% stake in TFS and said: “We believe that India’s market potential, combined with TFS’s attractive…
Railgun
RAIL$2.603-10.33%
Seed.Photo
PHOTO$0.36917+3.14%
Octavia
VIA$0.0085-3.40%
Share
BitcoinEthereumNews2025/12/05 13:37
What Advisors Should Know as the Market Matures

What Advisors Should Know as the Market Matures

The post What Advisors Should Know as the Market Matures appeared on BitcoinEthereumNews.com. In today’s “Crypto for Advisors” newsletter, Gregory Mall from Lionsoul Global breaks down crypto yield, highlighting its maturity, along with its role in a portfolio. We look at why yield may ultimately become crypto’s most durable bridge to mainstream portfolios. Then, in “Ask an Expert,” Kevin Tam highlights key investments from the recent 13F filings, including the news that combined United Arab Emirates sovereign exposure hit $1.08 billion, making them the fourth-largest global holder. Yield in Digital Assets: What Advisors Should Know as the Market Matures For most of its history, crypto has been defined by directional bets: buy, hold, and hope the next cycle delivers. But a quieter transformation has been unfolding beneath the surface. As the digital asset ecosystem has matured, one of its most important and misunderstood developments has been the emergence of yield: systematic, programmatic, and increasingly institutional. The story begins with infrastructure. Bitcoin introduced self-custody and scarcity; Ethereum extended that foundation with smart contracts, turning blockchains into programmable platforms capable of running financial services. Over the past five years, this architecture has given rise to a parallel, transparent credit and trading ecosystem known as decentralized finance (DeFi). While still niche relative to traditional markets, DeFi has grown from under $1 million of total value locked in 2018 to well over $100 billion at peak (DefiLlama). Even after the 2022 downturn, activity has rebounded sharply. For advisors, this expansion matters because it has unlocked something crypto rarely offered in its early years: cash-flow-based returns, not reliant on speculation. But the complexity behind those yields and the risks beneath the surface require careful navigation. Where Crypto Yield Comes From Yield in digital assets does not come from a single source but from three broad categories of market activity. 1. Trading and liquidity provision Automated market makers (AMMs)…
LOOK
LOOK$0.02422+6.22%
WHY
WHY$0.00000001977-0.05%
MAY
MAY$0.01873-2.24%
Share
BitcoinEthereumNews2025/12/05 13:14

Trending News

More

US Dollar Index (DXY) hovers near multi-week low ahead of US PCE data

SSP Stock Surges 11% On FY25 Earnings And European Rail Review

What Advisors Should Know as the Market Matures

VFX vs Snorter vs BlockDAG vs Remittix: Only One Has Live Trading Platform

Cardano’s Hoskinson Shouts Out Ripple and XRP Army: Here’s Why

Quick Reads

More

Verge Crypto News: Privacy-Focused Cryptocurrency Updates and Market Insights

What Is PKN Crypto? A Beginner's Guide to Poken Token

OnlyFans Crypto Payment: How to Use Cryptocurrency for Subscriptions

Bitcoin 2026 Investment Outlook: Navigating Opportunities in the Digital Gold Era

Pi Network (PI) vs Bitcoin: 2026 Utility Currency vs Digital Gold (Investor View)

Crypto Prices

mc_price_img_alt

Bitcoin

BTC

$92,150.00
$92,150.00$92,150.00

-0.90%

mc_price_img_alt

Ethereum

ETH

$3,166.35
$3,166.35$3,166.35

-1.30%

mc_price_img_alt

Solana

SOL

$138.81
$138.81$138.81

-3.07%

mc_price_img_alt

XRP

XRP

$2.0876
$2.0876$2.0876

-3.04%

mc_price_img_alt

Zcash

ZEC

$399.79
$399.79$399.79

+13.19%