News list for "yeth"

Yearn Finance Details 9 million USD yETH Vulnerability Attack

Yearn Finance has published a detailed post-mortem report on last week's yETH exploit, pointing to a three-stage numeric error in its legacy stableswap liquidity pool that allowed the attacker to "mint" LP tokens indefinitely and steal approximately $9 million of assets from the pool. Yearn confirmed that it has successfully recovered 857.49 pxETH, or about a quarter of the stolen assets, with the assistance of the Plume and Dinero teams. The team plans to distribute the recovered funds proporti...

clock
2025-12-08 18:07:10
Yearn Finance详述900万美元yETH漏洞攻击

Yearn Finance 发布了针对上周 yETH 漏洞攻击的详细事后报告,指出其遗留的 stableswap 流动性池中存在一个三阶段数值错误,该错误导致攻击者能够“无限铸造”LP 代币,并从该流动性池中盗取了约 900 万美元资产。Yearn 确认,已在 Plume 和 Dinero 团队的协助下,成功追回 857.49 枚 pxETH,约占被盗资产的四分之一。团队计划将追回的资金按比例分配给 yETH 的储户。

clock
2025-12-08 18:07:10
SlowMist: The root cause of the yearn attack is that there are insecure mathematical operations in the Yearn yETH pool contract

According to SlowMist monitoring, on December 1st, the decentralized financial protocol yearn was hacked, causing about $9 million in losses. The SlowMist security team analyzed the incident and confirmed the root cause as follows: The vulnerability stems from the logic of the _calc_supply function used to calculate the supply in the Yearn yETH Weighted Stableswap Pool contract. Due to an insecure mathematical operation, the function...

clock
2025-12-05 02:53:56
慢雾:yearn遭遇攻击的根本原因是Yearn yETH池合约存在不安全的数学运算

据SlowMist监测,12 月 1 日,去中心化金融协议yearn遭遇黑客攻击,造成约900万美元损失。慢雾安全团队对该事件进行了分析,确认根本原因如下: 漏洞源于Yearn yETH加权稳定币交换池(Weighted Stableswap Pool)合约中用于计算供应量的_calc_supply函数逻辑。由于存在不安全的数学运算,该函数在...

clock
2025-12-05 02:53:56
Yearn: yETH pool suffered a complex attack, losing about $8.90 million

Yearn released a statement saying that its yETH stable pool was attacked at 21:11 UTC on November 30. The attacker minted a large amount of yETH through custom contracts, resulting in damage to about 8 million US dollars in assets in the pool, and about 900,000 US dollars in losses came from the yETH-WETH pool on Curve. Yearn said that the affected code is not related to other products, and V2/V3Vaults are not affected, and said that the complexity of the incident is similar to the previous Bala...

clock
2025-12-01 04:24:35
Yearn:yETH池遭复杂攻击,损失约890万美元

Yearn发布声明称,其yETH稳定池于11月30日21:11UTC遭遇攻击,攻击者通过自定义合约大量铸造yETH,导致池内约800万美元资产受损,另有约90万美元损失来自Curve上的yETH-WETH池。Yearn表示,受影响代码与其他产品无关联,V2/V3Vaults均未受影响,并称事件复杂程度与此前Balancer遇袭情形相似。目前团队已联合SEAL911及审计机构Chain Security展开调查。

clock
2025-12-01 04:24:35
Yearn: yCRV was not affected by the yETH pool event

Yearn tweeted that this yETH-related attack did not affect yCRV products. Yearn Vaults (V2 and V3 versions) were also not affected by this incident.

clock
2025-12-01 03:14:33
Yearn:yCRV未受yETH池事件影响

Yearn发推称,本次yETH相关攻击事件未波及yCRV产品。Yearn Vaults(V2和V3版本)也不受此事件影响。

clock
2025-12-01 03:14:33
Yearn's yETH is suspected of being attacked, 3 million US dollars ETH flows into Tornado Cash

The attackers are suspected of making millions of dollars from an attack on Yearn's index token yETH, an index token that includes several mainstream liquidity staking tokens. Blockchain data shows that the attack resulted in about $3 million worth of ETH being transferred through the coin mixing service Tornado Cash. The attacker appears to have successfully minted an unlimited amount of yETH through the vulnerability. This situation is still developing.

clock
2025-11-30 23:21:52
Yearn旗下yETH疑似遭遇攻击,300万美元ETH流入Tornado Cash

攻击者疑似对Yearn旗下的指数代币yETH发起攻击,从中获利数百万美元。yETH是一款包含多种主流流动性质押代币的指数代币。 区块链数据显示,此次攻击导致价值约300万美元的ETH通过混币服务Tornado Cash转移。攻击者似乎通过漏洞成功铸造了无限量的yETH。 此事态仍在发展中。

clock
2025-11-30 23:21:52
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.