- Yearn Finance invited followers to hack them and opened permissioned functions on its vault.
- After an $11 million exploit in April, yUSDT’s misconfiguration was identified as the attack source.
- Yearn’s Total Value Locked (TVL) declined 94%, now ranking 24th at $431 million.
Earlier today DeFi protocol Yearn Finance turned the tables on its hackers and invited its followers to hack them. “We’ve even opened up almost all permissioned functions on the vault,” announced the platform while adding the link to its vault.
In April, Yearn Finance lost over $11 million worth of stablecoins to an exploit. Subsequently, blockchain security companies reported that the misconfigured stablecoin yUSDT of Yearn Finance was the source of the attack. Moreover, Peckshield confirmed that the hacker effectively utilized this weakness to generate an astounding amount of yUSDT, specifically 1,252,660,242,212,927.5, with only 10,000 USDT as their initial investment.
However, Yearn Finance capitalized on the vulnerability after undergoing numerous audits and internal reviews. Through a daring “battle test,” the protocol declared that any user able to take the funds and strategy from Yearn’s vault is allowed to keep it as a reward. Specifically targeting its Twitter audience, Yearn Finance noted,
Yearn v3 has gone through multiple audits and internal reviews, but it’s time for the real battle test.
After the attack in April, Yearn Finance deployed an investigation that revealed the legacy iEarn USDT (yUSDT) token contract as the bug behind the hack. Based on updates, the bug remained present in various versions of the system, resulting in the exploitation and depletion of multiple Curve pools, including BUSD and PAX.
Over the years, Yearn has experienced a significant decline, currently occupying the 24th position in the total value-locked rankings. According to DeFiLlama, Yearn’s Total Value Locked (TVL) now stands at a mere $431 million, with little to no growth over the past year. Furthermore, its TVL has plummeted by a staggering 94% from its peak value of nearly $7 billion in late 2021.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
