{"id":17057,"date":"2025-12-02T03:01:03","date_gmt":"2025-12-02T03:01:03","guid":{"rendered":"https:\/\/bitunikey.com\/news\/yearn-finance-recovers-2-4m-following-9m-yeth-exploit\/"},"modified":"2025-12-02T03:01:07","modified_gmt":"2025-12-02T03:01:07","slug":"yearn-finance-recovers-2-4m-following-9m-yeth-exploit","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/yearn-finance-recovers-2-4m-following-9m-yeth-exploit\/","title":{"rendered":"Yearn Finance recovers $2.4M following $9M yETH exploit"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Yearn Finance has taken its first major step toward repairing the damage from its recent yETH exploit after securing a partial recovery.<\/p>\n<div id=\"cn-block-summary-block_26cf1506111738e8ad6ac86a8a0e9a25\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>Yearn Finance recovered $2.4M from the $9M yETH exploit through a coordinated effort with Plume and Dinero.<\/li>\n<li>The recovery covers assets still held by the attacker, while the laundered ETH remains out of reach.<\/li>\n<li>A full post-mortem is underway as Yearn prepares further steps to return remaining funds to affected users.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>Yearn Finance has recovered $2.4 million from the $9 million yETH exploit that hit the protocol at the end of November.<\/p>\n<p>The update came late on Dec. 1, when Yearn <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/yearnfi\/status\/1995488425785659492?s=46&amp;t=nznXkss3debX8JIhNzHmzw\" target=\"_blank\" rel=\"nofollow\">confirmed<\/a> that 857.49 pxETH had been recovered through a coordinated effort with Plume and Dinero, and that all retrieved funds will be returned to affected users.<\/p>\n<h2 class=\"wp-block-heading\">The exploit that hit Yearn\u2019s legacy yETH pool<\/h2>\n<p>The incident took place at 21:11 UTC on Nov. 30 and targeted Yearn\u2019s legacy yETH stableswap pool, a contract powered by custom code rather than the standard Curve (CRV) implementation. <\/p>\n<p>A subtle arithmetic flaw allowed the attacker to mint an enormous amount of yETH in one transaction, which they then used to drain assets from the affected pools. Roughly $8 million was taken from the yETH stableswap pool and another $900,000 from the yETH-WETH pool on Curve.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<p>No other Yearn product used this contract, and V2 and V3 vaults, which hold more than $600 million, were not touched. Engineers from Yearn, SEAL 911, and ChainSecurity entered a war-room immediately after the breach, and a full post-mortem is underway.<\/p>\n<p>Part of the stolen Ethereum (ETH) was quickly laundered through Tornado Cash, limiting the chances of full recovery, but several LST assets tied to the attacker\u2019s wallets were still traceable during the window that followed the exploit. That is where Yearn focused its efforts.<\/p>\n<h2 class=\"wp-block-heading\">How Yearn recovered $2.4M and what happens next<\/h2>\n<p>The pxETH recovered in the latest update was still within the attacker\u2019s reach and had not been mixed or converted. Working with Plume and Dinero, Yearn neutralized the exploiter\u2019s pxETH positions and redirected equivalent value back to the protocol.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">yETH update: With the assistance of the Plume and Dinero teams, a coordinated recovery of 857.49 pxETH ($2.39m) was performed. Recovery efforts remain active and ongoing. Any assets successfully recovered will be returned to affected depositors.<a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/t.co\/xaClNhd0C0\">https:\/\/t.co\/xaClNhd0C0<\/a><\/p>\n<p>\u2014 yearn (@yearnfi) <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/yearnfi\/status\/1995488425785659492?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"nofollow\">December 1, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n<p>This will allow affected depositors to be compensated without waiting for courtroom processes or lengthy negotiations. The team said recovery efforts are still active and that additional assets may follow if on-chain options allow it. <\/p>\n<p>Users who were impacted can request support through Yearn\u2019s Discord while the investigation continues. The protocol has also reiterated that none of its other products share this code path and that old contracts are being reviewed to prevent similar issues.<\/p>\n<p>The quick communication has helped steady sentiment around Yearn\u2019s ecosystem, especially after YFI\u2019s sharp drop following the attack. The token later pared some losses as details of the recovery were made public.\u00a0<\/p>\n<p>Yearn is expected to release its full post-mortem once the audit partners finalize their review, and the team has already pointed users to its documentation outlining its vulnerability disclosure framework and audit history.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yearn Finance has taken its first major step toward repairing the damage from its recent yETH exploit after securing a partial recovery. Summary Yearn Finance recovered $2.4M from the $9M&hellip;<\/p>\n","protected":false},"author":1,"featured_media":5718,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-17057","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/17057","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=17057"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/17057\/revisions"}],"predecessor-version":[{"id":17058,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/17057\/revisions\/17058"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/5718"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=17057"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=17057"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=17057"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}