DeFi’s Veteran Protocol Yearn Finance Suffers Yet Another Breach: Fourth In Just Weeks

Yearn Finance suffers another breach as a legacy v1 contract is exploited, losing 103 ETH weeks after a $6.6M hack.

Yearn Finance has suffered its fourth exploit in a few weeks. The latest attack caused a loss of around 103 ETH, worth roughly $300,000. 

The hacker targeted a legacy Yearn v1 smart contract, formerly known as iearn. This incident follows a $6.6 million exploit reported in November. Yearn Finance users and observers are monitoring the situation closely.

Details of the Latest Exploit

The attacker used a flash loan to manipulate token prices in the affected vault. They withdrew the iearn assets and converted them into ETH. 

PeckShield reported the exploit shortly after it occurred. The stolen funds were sent to the address 0x0F21…4066. The contract involved is part of Yearn v1 and has not been updated for years.

Legacy contracts remain active alongside newer Yearn vaults. Besides, developers warn that older smart contracts can be vulnerable to attacks. Flash loans allow hackers to borrow large amounts without collateral. 

They then manipulate prices to withdraw assets quickly. Users are encouraged to remain cautious when using older vaults.

History of Yearn Finance Exploits

This marks Yearn Finance’s fourth hack in recent years.

In November, the protocol lost $6.6 million in an infinite mint exploit. In 2023, Yearn lost $11 million in another hack and $1.4 million connected to Euler Finance. 

Besides, in 2021, a similar exploit resulted in an $11 million loss. Each attack used complex methods like flash loans and price manipulation.

Security audits have been performed, but legacy contracts remain at risk. The repeated attacks show older protocols are still vulnerable. Yearn Finance continues reviewing all active contracts for weaknesses. 

Besides, users are advised to check vault balances regularly. The DeFi community monitors these incidents for future risk management.

Related Readings: Yearn Finance Suffers Major yETH Hack, ETH Sent to Mixer

Community and Security Response

PeckShield and other blockchain monitors tracked the exploit immediately. Users were urged to check balances and secure any vulnerable funds. 

Yearn Finance has not provided public details on recovery plans. The protocol team continues reviewing remaining v1 contracts for vulnerabilities. Moreover, developers recommend caution when interacting with older vaults.

Audits and security checks are being increased to prevent further losses. Flash loan attacks continue to pose risks for legacy DeFi protocols. 

Users and developers are encouraged to remain vigilant. Monitoring of assets and transactions remains a priority for security teams.

The post DeFi’s Veteran Protocol Yearn Finance Suffers Yet Another Breach: Fourth In Just Weeks appeared first on Live Bitcoin News.