CB Terminal

/ Searchj Nextk Prevg Toph Help
BREAKING01:34 AM
Fluid Co-founder Admits Vaults Rehypothecate Collateral and Are Not Fully Isolated↗
Alert01:34

Fluid Co-founder Admits Vaults Rehypothecate Collateral and Are Not Fully Isolated

Alert01:06

Lighter Spot Goes Live with ETH: Launch Details & Incentives

Gov01:05

X Terminates EU Commission Ad Account Citing Reach Manipulation

Alert00:54

Jupiter COO Admits 'Zero Contagion Risk' Marketing Was Inaccurate

Alert00:21

Whale Fat-Fingers $2M HYPE Sell Order, Triggering 2.6% Flash Crash

Crypto00:06

Spot XRP and Solana ETFs See Sustained Inflows; SOL Products Hit $638M Cumulative

Macro00:05

US Home Delistings Surge 28% to Highest September Level Since 2017

Crypto23:06

Paxos' Stablecoins (USDG & PYUSD) See Rapid Growth and Lead Major Market Cap Segment

Alert22:06

Justin Sun Alleges $500M Techteryx Fraud Scheme Involving FDT, Legacy Trust, and Vincent Chok

Crypto22:06

Aztec Network Concludes First CCA on Uniswap with $59M Committed; Settlement 59% Above Floor

Alert22:06

Kevin Hassett reportedly poised to be next Fed Chair; predicts rate cut

Macro22:06

US Market Share Volume Hits Record Highs Amid Retail Boom

Crypto22:06

Centrifuge Records $1.3 Billion Inflows with Sky Ecosystem Allocation

Crypto22:06

Rayls Labs Secures $1B Tokenized Credit Commitment for 2026 Mainnet

Crypto22:06

Base Network TVL Nears ATH as Armstrong Teases December 17 Update

Summary22:00

24H Summary: Hyperliquid Integrates Native USDC & French Bank BPCE Enters Crypto

Summary21:15

6 Hour Summary: Jupiter Retracts 'Zero Risk' Claims & Hyperliquid Lists SOL Ticker

Gov21:06

Poland Becomes Sole EU MiCA Holdout After Parliament Fails to Overturn Veto

Crypto21:06

CZ Emphasizes Strict Private Key Isolation for Hardware Wallets

Macro21:06

US Small Business Bankruptcies Surge to Records as Inflation Persists

 
Alert

Yearn Finance yETH Pool Exploited for ~$9M: Custom Contract Vulnerability Identified

11/30/2025, 22:50
12/01/2025, 10:36
AI SUMMARY
●Yearn Finance's yETH pool was exploited for ~$9M due to an infinite mint bug in a custom contract.
●The attacker has begun laundering funds via Tornado Cash, while core Yearn V2/V3 vaults remain safe.
●Security firms confirmed the issue is isolated to the specific custom stableswap pool.
Yearn Finance's yETH LST stableswap pool has suffered a critical exploit resulting in a total loss of approximately $8.9 million to $9 million. Security firm PeckShield confirmed that the attack vector involved minting a near-infinite number of yETH tokens, which allowed the attacker to drain the liquidity. The attacker has reportedly begun laundering funds via Tornado Cash. BlockSec Phalcon detected the attack, noting it involved an "infinite mint" vulnerability within a custom version of the stableswap code. The incident occurred on November 30. The Yearn Finance team has clarified that this issue is isolated to this specific custom pool and is unrelated to other Yearn products. Core Yearn V2 and V3 vaults remain safe and unaffected. [Update 1] Additional reports confirm that BlockSec Phalcon identified the root cause as an "infinite mint" bug in the custom stableswap code. The project has reiterated that the vulnerability is strictly contained within this specific yETH pool, and main vaults (V2/V3) are not at risk.

Sources (17)

01@Phalcon_xyz↗02@ICODrops↗03@PANews↗04@ChainCatcher_↗05@DEG_2020↗06@YURARI09949949↗07@sen_axis↗08@PANews↗09@PeckShieldAlert↗10@Foresight_News↗11@BlockFlow_News↗12@aixbt_agent↗13@ChainCatcher_↗14@WuBlockchain↗15@TheBlock__↗16@SOU_BTC↗17The Block↗
21 / 21+