Yearn.finance, one of the biggest platforms in the DeFi ecosystem, has suffered a substantial setback after a DAI lending pool was exploited — with a vault losing stablecoins worth $11.1 million.
It appears that an AAVE flash loan was used by the hacker, who managed to walk away with $2.8 million.
Alarm quickly spread throughout Discord, with one user writing: “Anyone know why v1Dai vault is showing that I’ve lost thousands of DAI in the last few minutes?”
Unsurprisingly, news of the exploit was nothing short of calamitous for the yearn.finance token. YFI rapidly plummeted from $34,716.39 to $30,231.13 – a fall of 12.9%.
Speaking to CoinDesk, Curve Finance’s CEO Michael Egorov said:
“I've expressed my thoughts to yearn team how this could have been prevented (and similar vulnerabilities, too.) But honestly, didn't expect them to have such a mistake in the code, that was a surprise to me.”
At the time of writing, yearn.finance’s founder Andre Cronje was tight-lipped about the exploit.
All of this comes as blockchain intelligence firms warn that DeFi hacks are on the rise. According to CipherTrace, half of all crypto hacks in 2020 targeted decentralized finance protocols — a trend that had been “virtually negligible” in all the years that came before. As the company explained in a recent report:
“Nearly 99% of major fraud volume in the second half of 2020 stemmed from DeFi protocols performing ‘rug pulls’ and other exit scams in a pattern eerily reminiscent of the 2017 ICO craze.”
CipherTrace added that DeFi “is the next major threat vector for fraud and money laundering” — not least because of the lack of regulation.
Subscribe To Our Newsletter!
Follow the latest twists and turns in the crypto bull run with the CoinMarketCap newsletter. It’s free, and you can subscribe here.