Aave, Yearn Finance Exploiter Steals Over $10M in Stablecoins: Report

As DeFi hacks continue, the latest protocols to be targeted by exploiters are Aave and Yearn Finance, according to blockchain security firm PeckShield.

Aave’s version 1 was impacted, while versions 2 and 3 remained unaffected. The oldest version has been frozen since December 2022, and the team behind the lending protocol said it is monitoring the situation.

  • Lookonchain’s data suggest that the exploiter may have managed to rake in more than $10 million in stablecoins DAI, USDC, BUSD, USDT, and TUSD.
  • PeckShield clarified that the root cause is due to misconfigured yUSDT, not related to Aave.

β€œIt appears the root cause is due to the misconfigured yUSDT, which is exploited to mint huge yUSDT (1,252,660,242,212,927.5) from a small $10K USDT. The huge yUSDT is then cashed out by swapping to other stablecoins..”

  • Aave Chan creator Marc Zeller, in a tweetsaid no user can deposit or increase borrow size making the issue unlikely but not impossible.
  • He further revealed that the current size of V1 is $18 million, while the current size of the Aave safety module stands at $382.50 million.
  • Stories of hacks and exploits have been rampant this year. March alone, cybercriminals stole $211.5 million worth of cryptocurrencies via 26 attacks.
  • Earlier this week, $3.3 million in ETH was drained from SushiSwap’s approval contract.

Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

PrimeXBT Special Offer: Use this link to register & enter CRYPTOPOTATO50 code to receive up to $7,000 on your deposits.

Source link

Leave a Comment