Yearn hacked for 9 million! 2.4 million dollars recovered after the yETH infinite minting vulnerability.
The veteran DeFi protocol Yearn Finance lost approximately 9 million USD in an attack on Sunday, in which attackers were able to mint nearly unlimited amounts of yETH tokens and drain the Yearn Ether stablecoin pool. As of December 1st, the Yearn Finance team has recovered approximately 2.4 million USD of the stolen assets, and a coordinated recovery effort is “actively underway.”
Unchecked Arithmetic: Full Analysis of the yETH Critical Vulnerability
On Sunday, a vulnerability in the once-popular liquidity mining protocol Yearn was exploited, leading to the theft of assets from the Yearn Ethereum (yETH) stablecoin pool and the smaller yETH-WETH pool on the Curve platform. Yearn stated that this is the third attack on Yearn since 2021, and its complexity is “similar” to the recent attack suffered by Balancer.
According to the post-mortem report released on Monday, the “root cause” stems from an “unchecked arithmetic” vulnerability and other “design flaws that led to the issue,” which allowed attackers to mint 2.3544×10^56 yETH tokens (almost limitless) and use them to withdraw liquidity from the protocol. This number is astronomical, far exceeding the total supply of ether. Infinite minting vulnerabilities are considered among the most severe types of vulnerability in smart contract security.
“Unchecked arithmetic” refers to a smart contract performing mathematical operations without checking whether the result overflows or underflows. In versions of Solidity prior to 0.8.0, integer overflow does not automatically throw an error but wraps around to the minimum or maximum value. Attackers can exploit this behavior through carefully designed transaction sequences that cause a value to wrap into a very large or very small number, thereby bypassing the protocol's limits.
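The wrap-around described above, as an added example that is not from the original article or from Yearn's code: a Python model of 256-bit EVM subtraction that compares an unchecked share calculation with a checked one and with a post-condition guard. `ToyPool`, its `mint` parameters and the sample values are hypothetical and do not reproduce the actual yETH flaw.

```python
WORD = 2**256  # EVM words are 256 bits wide


def unchecked_sub(a: int, b: int) -> int:
    """a - b as the EVM SUB opcode computes it: modulo 2**256, never reverts."""
    return (a - b) % WORD


def checked_sub(a: int, b: int) -> int:
    """a - b with the underflow check that Solidity >= 0.8.0 inserts by default
    (code inside an `unchecked { }` block opts out of it again)."""
    if b > a:
        raise ArithmeticError("uint256 underflow")
    return a - b


class ToyPool:
    """Hypothetical share pool: shares minted = pool value after - value before."""

    def __init__(self, sub, guard_invariant=False):
        self.sub = sub                        # subtraction semantics in use
        self.guard_invariant = guard_invariant
        self.assets = 0                       # real collateral held
        self.supply = 0                       # share tokens issued

    def mint(self, deposit: int, value_before: int, value_after: int) -> int:
        # value_before / value_after stand in for the output of an on-chain
        # valuation formula; rounding or manipulated inputs can leave
        # value_after < value_before.
        shares = self.sub(value_after, value_before)
        # Defence in depth: in this toy pool shares are issued 1:1, so a mint
        # larger than the deposit can only come from broken arithmetic.
        if self.guard_invariant and shares > deposit:
            raise ArithmeticError("mint exceeds deposited collateral")
        self.assets += deposit
        self.supply += shares
        return shares


def demo() -> dict:
    # Constructed inputs: the computed valuation drops by 1 wei across the call.
    before, after, deposit = 1_000, 999, 1
    results = {"unchecked": ToyPool(unchecked_sub).mint(deposit, before, after)}
    for name, pool in (("checked", ToyPool(checked_sub)),
                       ("guarded", ToyPool(unchecked_sub, guard_invariant=True))):
        try:
            pool.mint(deposit, before, after)
            results[name] = "minted"
        except ArithmeticError as exc:
            results[name] = f"reverted: {exc}"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "->", outcome)
```

With unchecked semantics a one-wei shortfall turns into a mint of 2**256 - 1 shares against a one-wei deposit; the checked subtraction and the post-condition guard both revert instead.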
According to the post-mortem, “the actual exploit transaction follows this pattern: after a large-scale issuance, a series of withdrawals are made to transfer real assets into the hands of the attacker, while the supply of yETH tokens is actually meaningless.” This attack pattern is extremely efficient because the attacker does not need to provide any real collateral: they only need to exploit the arithmetic vulnerability to create tokens out of thin air, and then use these tokens to extract real ether from the protocol.
Yearn pointed out that this attack was targeted and will not affect its V2 or V3 vaults. “Any assets successfully recovered will be returned to the affected depositors,” the team added. This commitment is extremely important for the affected users, as it shows that Yearn is willing to take responsibility and do its best to make up for the losses.
Yearn Attack Key Data
Total Loss: Approximately 9 million USD
Recovered: Approximately 2.4 million USD (27%)
Still unrecovered: About 6.6 million USD
Affected Protocols: yETH stablecoin pool, yETH-WETH pool on Curve
Not affected: V2 and V3 vaults
Self-Destructing Auxiliary Contracts: How Hackers Cover Their Tracks
As previously reported by The Block, the attackers have transferred at least 1000 ETH and several liquid staking tokens to the Tornado Cash anonymization platform. As of the time of publication, Yearn, in collaboration with crypto security firms SEAL 911 and ChainSecurity, has recovered 857.49 pxETH through the Plume network. These recovered assets account for approximately 27% of the total losses, indicating that the recovery efforts have made initial progress, but a significant amount of assets remains unaccounted for.
Blockscout pointed out that the hackers used self-destructing “auxiliary contracts” in the attack. Such helper contracts are built to execute automated tasks and are often used in flash loan attacks, which require multiple steps to be completed in a single transaction. For example, the attackers used an auxiliary contract to manipulate a vulnerable yETH function, minting an astonishing amount of tokens and depleting the protocol's resources, after which the contract self-destructed.
“The self-destruct mechanism will remove the bytecode, making the contract unreadable after detonation, but the transaction and log creation will be retained,” Blockscout stated. This self-destruct technique is a common method used by hackers to eliminate evidence. By destroying auxiliary contracts after the attack is completed, hackers can increase the difficulty of tracking and analysis. Although the contract creation records and transaction logs still exist on the blockchain, without the contract code, security researchers need to spend more time reconstructing the complete process of the attack.
The use of self-destructing auxiliary contracts indicates that this attack was well-planned. The attackers not only discovered arithmetic vulnerabilities in the yETH smart contract but also designed a complex attack process and mechanisms to cover their tracks. This level of expertise suggests that the attackers may be experienced white-hat hackers turned black-hat or a professional hacking team specializing in DeFi attacks.
The use of Tornado Cash further increases the difficulty of recovery. Tornado Cash is the most famous mixer on Ethereum, capable of breaking the on-chain trail that links funds to their source. Once the attackers deposited 1000 ETH and several liquid staking tokens into Tornado Cash, the source of these assets became extremely difficult to trace. Although Tornado Cash was sanctioned by the U.S. Treasury in 2022, its smart contracts still operate on-chain and hackers can still use it.
Yearn Attacked for the Third Time: The Security Dilemma of DeFi Veterans
Yearn indicated that this is the third attack against Yearn since 2021. This figure reveals a concerning trend: even the most well-known DeFi protocols cannot fully avoid security vulnerabilities. Yearn Finance was one of the iconic protocols of DeFi Summer, attracting billions of dollars in total value locked between 2020 and 2021. However, as the protocol becomes increasingly complex, the attack surface continues to expand.
The third attack has severely damaged Yearn's reputation. For users choosing a DeFi protocol, the security record is one of the most important considerations. When a protocol is repeatedly attacked, even if some assets can be recovered each time, user confidence will continue to decline. This may lead to capital outflows, putting Yearn at a disadvantage in competition with rivals like Aave and Compound.
Yearn announced on Sunday: “Preliminary analysis indicates that the complexity of this hack is similar to the recent Balancer hacking incident, so please be patient as we conduct a post-analysis. No other Yearn products are using code similar to the affected code.” This statement aims to reassure users, emphasizing that only the yETH pool is affected, and that the V2 and V3 vaults are safe.
However, this type of segmented security assurance may not be sufficient in the eyes of users. If a certain module of a protocol has such a serious vulnerability, users will question whether other modules also have similar issues. Even if the technical team claims that other products use different code, the overall code auditing process and security standards may have systemic flaws.
From a broader perspective of DeFi security, this attack once again reminds us of the importance of smart contract security. The seemingly basic error of “unchecked arithmetic” being present in a mature protocol that has been operating for many years illustrates that there are still blind spots in code auditing and security testing. DeFi protocols need to invest more resources in security audits, bug bounty programs, and ongoing code reviews.
The Road to Recovering 2.4 Million: SEAL 911 and ChainSecurity Join Forces
According to the latest news released on Monday, the Yearn Finance team has recovered approximately $2.4 million of stolen assets from the recent attack. As of the time of publication, Yearn, working with crypto security companies SEAL 911 and ChainSecurity, has recovered 857.49 pxETH through the Plume network. The recovered assets account for about 27% of the total losses, indicating that the recovery efforts have made initial progress.
SEAL 911 is a well-known incident response team in the cryptocurrency field, specializing in handling hacking attacks, asset recovery, and security incidents. ChainSecurity is a professional smart contract auditing company that has provided security auditing services for several top DeFi protocols. The collaboration between the two organizations demonstrates Yearn's commitment to recovery efforts.
The Plume network played a key role in the recovery process. Through on-chain analysis and cross-chain tracking, the security team successfully located the flow of some of the stolen assets. The recovery of 857.49 pxETH may have come from traces left by the attackers during the asset transfer process, or funds may have been frozen through cooperation with other protocols and exchanges.
However, approximately 6.6 million USD in assets remain unrecovered. These assets have likely been laundered through the Tornado Cash mixer or transferred to untraceable channels. The attackers transferred at least 1000 ETH to Tornado Cash, making the recovery of these assets extremely difficult. Unless the hackers make a mistake or law enforcement intervenes, these assets may be permanently lost.
“Any successfully recovered assets will be returned to the affected depositors.” This commitment from the Yearn team is the only comfort for the victims. However, a 27% recovery rate means that most users will suffer permanent losses. It also serves as a reminder to DeFi users that while decentralized protocols offer high-yield opportunities, they also carry the risks of smart contract vulnerabilities and hacking attacks, and lack the deposit insurance protections of traditional finance.