{"id":171200,"date":"2021-02-05T05:34:06","date_gmt":"2021-02-05T02:34:06","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/curve-liquidity-providers-see-3m-windfall-from-11m-yearn-finance-exploit\/"},"modified":"2021-02-05T05:34:06","modified_gmt":"2021-02-05T02:34:06","slug":"curve-liquidity-providers-see-3m-windfall-from-11m-yearn-finance-exploit","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/curve-liquidity-providers-see-3m-windfall-from-11m-yearn-finance-exploit\/","title":{"rendered":"# Curve liquidity providers see $3M windfall from $11M Yearn Finance exploit"},"content":{"rendered":"<p>&#8220;<strong># Curve liquidity providers see $3M windfall from $11M Yearn Finance exploit <\/strong>&#8221;<\/p>\n<div class=\"post-content\" data-v-5a136f3a>DeFi protocol Yearn Finance has reported that its V1 yDAI vault was exploited by a hacker to the tune of $11 million on Feb. 5. However, the hacker failed to reap the lion\u2019s share of the heist, with Curve liquidity providers making more from the attack than its mastermind.<\/p>\n<p>While the vault lost $11 million in total, Yearn developer \u201cBanteg\u201d tweeted that the hacker had only been able to profit to the tune of $2.8 million. The team has suspended all deposits to its V1 DAI, USDC, USDT, and TUSD amid an ongoing investigation.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Yearn DAI v1 vault got exploited, the attacker got away with $2.8m, the vault lost $11m. Deposits into strategies disabled for v1 DAI, TUSD, USDC, USDT vaults while we investigate. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/1RWYyu0d5m\">pic.twitter.com\/1RWYyu0d5m<\/a><\/p>\n<p>\u2014 banteg (@bantg) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/bantg\/status\/1357453626847952896?ref_src=twsrc%5Etfw\">February 4, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>Cointelegraph reached out to the developer for comments regarding the attack, but Banteg indicated the team does not wish to make further comments on the incident until their investigations into the exploit have been completed.<\/p>\n<p>Banteg did share an analysis of the incident suggesting the hacker had been able to steal 513,000 DAI and $1.7 million USDT, with the remainder of their stash taking the form of CRV tokens.<\/p>\n<p>Stani Kulechov, the founder of flash-loan protocol Aave, tweeted that the attack comprised a complex exploit involving more than 160 transactions across multiple DeFi platforms that spent more than $5,000 in gas fees.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Complex exploit with over 160 nested transactions transactions and 8,6 mm gas used (around 75% of the block) resulted to 2.7 mm USD loss  <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/WdqMGTuBQF\">https:\/\/t.co\/WdqMGTuBQF<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/MoaZIfGKGa\">https:\/\/t.co\/MoaZIfGKGa<\/a><\/p>\n<p>\u2014 stani.eth  v2 is live  (@StaniKulechov) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/StaniKulechov\/status\/1357453837213331459?ref_src=twsrc%5Etfw\">February 4, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>VC investor Julien Thevenard noted that more than $3 million of the funds stolen from the vault had been received by liquidity providers on DeFi lending platform Curve. Banteg indicated to Cointelegraph that Thevenard\u2019s analysis is accurate.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">In this exploit, the arber got away with $2.8M and <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/CurveFinance?ref_src=twsrc%5Etfw\">@CurveFinance<\/a> stakers received over $3M &#8230; <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/TV7u2VM4BU\">https:\/\/t.co\/TV7u2VM4BU<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/NgyIyjpbwC\">pic.twitter.com\/NgyIyjpbwC<\/a><\/p>\n<p>\u2014 Julien Thevenard (@JulienThevenard) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/JulienThevenard\/status\/1357460810633773061?ref_src=twsrc%5Etfw\">February 4, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> of the exploit <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ears to have driven a 15% crash in the price of Yearn Finance\u2019s governance token in less than two hours with YFI plunging from $35,000 to a local low of $29,600. YFI last changed hands for $31,070 at the time of writing.<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2021-02\/b4855835-fae8-4833-968e-41217053b670.png\"><figcaption style=\"text-align: center;\">YFI\/USD, 1-hr chart: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.tradingview.com\/symbols\/YFIUSDT\/?exchange=BINANCE\">TradingView<\/a><\/figcaption><\/figure>\n<p>Despite the crash, Yearn\u2019s total value locked has remained relatively steady, with its TVL falling just 4% from $526.5 million to $507.2 million, according to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/defipulse.com\/yearn.finance\">DeFi Pulse<\/a>.<\/p>\n<p>The Feb. 4 attack is not the first to target a project from Yearn lead developer Andre Cronje, with a hacker draining $15 million from Eminence \u2014 an unfinished project that Cronje\u2019s followers rushed to lock funds in \u2014 after the developer went to bed one night in September 2020.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more News articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/curve-liquidity-providers-see-3m-windfall-from-11m-yearn-finance-exploit\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;# Curve liquidity providers see $3M windfall from $11M Yearn Finance exploit &#8221; DeFi protocol Yearn Finance has reported that its V1 yDAI vault was exploited by a hacker to the tune of $11 million on Feb. 5. However, the hacker failed to reap the lion\u2019s share of the heist, with Curve liquidity providers making&#8230;<\/p>\n","protected":false},"author":1,"featured_media":171201,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMDIvMDE3NWYzOGItMTcyMi00Zjg0LWIyMDItMTU0ZDc2MjAyODA1LmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,74868,74882,4965],"class_list":["post-171200","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-defi","tag-hacks","tag-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/171200","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=171200"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/171200\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/171201"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=171200"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=171200"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=171200"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}