Yearn Finance Suffers $9M Breach As Attacker Creates Endless yETH Tokens
Yearn Finance reported {that a} legacy yETH product was hit by an exploit that allowed an attacker to mint an enormous quantity of pretend tokens and swap them for actual belongings.
According to on-chain alerts and protocol statements, the attacker created a near-infinite provide of yETH in a single transaction, then used these tokens to tug ETH and liquid-staking derivatives from liquidity swimming pools.
The incident was first flagged on November 30, 2025, and the whole affect has been reported at roughly $9 million.
#PeckShieldAlert Yearn Finance @yearnfi suffered an assault leading to a complete lack of ~$9M.
The exploit concerned minting a near-infinite variety of yETH tokens, depleting the pool in a single transaction.
~1K $ETH (price ~$3M) was despatched to #TornadoCash, whereas the exploiter’s… pic.twitter.com/IXNygpwoWa
— PeckShieldAlert (@PeckShieldAlert) December 1, 2025
How The Exploit Worked
Based on reports, the attacker took benefit of a flaw within the yETH minting logic and produced tokens on the order of 235 trillion in a single go.
Those nugatory tokens have been then swapped for actual belongings from Balancer and Curve swimming pools tied to the product, emptying liquidity in minutes. Chain displays and safety researchers confirmed the mint and subsequent swaps unfolding in a short time on the blockchain.
At 21:11 UTC on Nov 30, an incident occurred involving the yETH stableswap pool that resulted within the minting of a considerable amount of yETH. The contract impacted is a customized model of widespread stableswap code, unrelated to different Yearn merchandise. Yearn V2/V3 vaults will not be in danger.
— yearn (@yearnfi) December 1, 2025
What Assets Were Taken
Reports have disclosed that roughly $8 million was pulled from the principle yETH stable-swap pool, whereas about $0.9 million was taken from a yETH–WETH pool.
In addition, roughly 1,000 ETH—valued at about $3 million on the time of motion—was despatched to Tornado Cash in makes an attempt to obscure the path. The attacker transformed faux yETH into a mixture of ETH and liquid staking tokens earlier than trying to launder funds.
Impact On Yearn’s Core Products
According to Yearn officers and follow-up protection, the breach was restricted to an older, legacy implementation of the yETH product and didn’t have an effect on Yearn’s important V2 and V3 vaults.
Deposits into the affected pool have been remoted whereas the crew and outdoors consultants started an investigation. This isolation is alleged to have saved the majority of consumer funds in energetic vaults from being touched.
Market Reaction And Wider Concerns
Crypto markets noticed promoting stress because the information unfold, with merchants weighing the danger that comes from combining liquid staking tokens with customized swap code.
Yearn Finance mentioned it’s working with exterior safety groups to run a autopsy and to patch the vulnerability. Based on studies, groups named in protection embody exterior auditors and blockchain investigators who’re monitoring the stolen funds and advising on restoration choices.
The protocol’s discover warned customers concerning the affected legacy product and urged warning whereas the evaluate continues.
Featured picture from Unsplash, chart from TradingView
