PeckShield, a blockchain security firm, discovered a hack in the decentralized finance (DeFi) space that allowed the attacker to mint over 1 quadrillion Yearn Tether (yUSDT) from $10,000. The hacker swapped the yUSDT for other stablecoins, allowing them to take control of $11.6 million worth of stablecoins.
PeckShield was able to track the flow of funds from the attack and has flagged the DeFi protocols Aave and Yearn.finance about what was transpiring.
The hacker was able to transfer 1,000 Ether worth almost $2 million to the cryptocurrency mixer Tornado Cash, which is sanctioned. Yearn.finance stated that the exploit was limited to iearn, an outdated contract before vaults v1 and v2, and that its current contracts and protocols were not affected.
Meanwhile, Aave confirmed that the hack did not impact its v1, v2, or v3 liquidity protocol.
Despite hacks still affecting the DeFi space in 2023, the amount of money lost has been lower than in previous years.
According to a quarterly report by blockchain security firm CertiK, more than $320 million was lost to hacks in the first quarter of 2023, significantly lower than the $1.3 billion lost in the first quarter of 2022 and the $950 million lost in the fourth quarter of 2022.
This could be attributed to the increase in security measures and the improved awareness of the risks associated with DeFi.
