12/1/2025 476 words 2 min read

Yearn Finance Suffers $9M Breach As Attacker Creates Endless yETH Tokens

Yearn Finance has reported a significant security breach affecting its legacy yETH product, resulting in the loss of approximately $9 million. An attacker exploited a vulnerability in the minting logic, allowing them to create a vast quantity of fake yETH tokens and subsequently swap them for real assets.

Incident Overview

On November 30, 2025, Yearn Finance flagged an incident involving its yETH stable-swap pool. The attacker took advantage of a flaw that permitted the minting of an immense number of yETH tokens in a single transaction. This exploit enabled the attacker to deplete liquidity pools by converting the counterfeit tokens into real assets, including ETH and liquid-staking derivatives.

According to reports, the attacker minted around 235 trillion yETH tokens in one go, which were then used to withdraw assets from Balancer and Curve pools associated with the product. The breach was executed swiftly, with chain monitors documenting the rapid minting and swapping of tokens on the blockchain.

Assets Involved

The breach led to the extraction of roughly $8 million from the main yETH stable-swap pool, alongside approximately $0.9 million from a yETH–WETH pool. In an attempt to obscure the trail, the attacker transferred about 1,000 ETH—valued at around $3 million at the time— to Tornado Cash. This conversion of fake yETH into a mix of ETH and liquid staking tokens was part of the attacker’s strategy to launder the stolen funds.

Impact on Yearn’s Core Products

Yearn officials have stated that the breach was confined to an older version of the yETH product and did not affect the main V2 and V3 vaults of Yearn Finance. To mitigate further risks, deposits into the affected pool were isolated while the Yearn team, along with external security experts, initiated an investigation into the incident. This isolation measure helped protect the majority of user funds in active vaults.

Market Reaction and Ongoing Response

The news of the breach triggered selling pressure across crypto markets, as traders assessed the risks associated with combining liquid staking tokens with custom swap code. Yearn Finance is currently collaborating with external auditors and blockchain investigators to conduct a thorough post-mortem analysis and address the identified vulnerability. The protocol has also issued warnings to users regarding the affected legacy product and advised caution during the ongoing review process.

Impact on the Crypto Market

Yearn Finance’s breach raises concerns over the security of legacy products in the DeFi space.
The incident may lead to increased scrutiny of similar custom swap codes and liquid staking tokens.
The market reaction highlights the sensitivity of crypto assets to security breaches.
Ongoing investigations could influence user trust and confidence in DeFi protocols.
The incident underscores the importance of robust security measures and timely updates in the crypto industry.

Updated: 12/1/2025, 4:36:29 PM