Yearn Finance recovers $2.4M following $9M yETH exploit
Yearn Finance has taken its first major step toward repairing the damage from its recent yETH exploit after securing a partial recovery.
- Yearn Finance recovered $2.4M from the $9M yETH exploit through a coordinated effort with Plume and Dinero.
- The recovery covers assets still held by the attacker, while the laundered ETH remains out of reach.
- A full post-mortem is underway as Yearn prepares further steps to return remaining funds to affected users.
Yearn Finance has recovered $2.4 million from the $9 million yETH exploit that hit the protocol at the end of November.
The update came late on Dec. 1, when Yearn confirmed that 857.49 pxETH had been recovered through a coordinated effort with Plume and Dinero, and that all retrieved funds will be returned to affected users.
The exploit that hit Yearn’s legacy yETH pool
The incident took place at 21:11 UTC on Nov. 30 and targeted Yearn’s legacy yETH stableswap pool, a contract powered by custom code rather than the standard Curve ( CRV ) implementation.
A subtle arithmetic flaw allowed the attacker to mint an enormous amount of yETH in one transaction, which they then used to drain assets from the affected pools. Roughly $8 million was taken from the yETH stableswap pool and another $900,000 from the yETH-WETH pool on Curve.
No other Yearn product used this contract, and V2 and V3 vaults, which hold more than $600 million, were not touched. Engineers from Yearn, SEAL 911, and ChainSecurity entered a war-room immediately after the breach, and a full post-mortem is underway.
Part of the stolen Ethereum ( ETH ) was quickly laundered through Tornado Cash, limiting the chances of full recovery, but several LST assets tied to the attacker’s wallets were still traceable during the window that followed the exploit. That is where Yearn focused its efforts.
How Yearn recovered $2.4M and what happens next
The pxETH recovered in the latest update was still within the attacker’s reach and had not been mixed or converted. Working with Plume and Dinero, Yearn neutralized the exploiter’s pxETH positions and redirected equivalent value back to the protocol.
This will allow affected depositors to be compensated without waiting for courtroom processes or lengthy negotiations. The team said recovery efforts are still active and that additional assets may follow if on-chain options allow it.
Users who were impacted can request support through Yearn’s Discord while the investigation continues. The protocol has also reiterated that none of its other products share this code path and that old contracts are being reviewed to prevent similar issues.
The quick communication has helped steady sentiment around Yearn’s ecosystem, especially after YFI’s sharp drop following the attack. The token later pared some losses as details of the recovery were made public.
Yearn is expected to release its full post-mortem once the audit partners finalize their review, and the team has already pointed users to its documentation outlining its vulnerability disclosure framework and audit history.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
The Rise in DASH Value: Is This the Beginning of a New Chapter for Decentralized Finance?
- DASH surged 150% in June 2025 to $50, reaching $87.91 by November amid institutional adoption and tech upgrades. - Institutional investments like AGF's $7.79M and DoorDash's $450M partnership boosted DASH's legitimacy and ownership to 90.64%. - Dash Platform 2.0 enhanced utility with dApps, privacy features, and AI-driven analytics, aligning with DeFi growth and macroeconomic trends. - DASH's 0.85 Bitcoin correlation and $4T crypto market cap highlight its role in transitioning from speculation to utilit
The Growing Influence of Zero-Knowledge Proofs on Enhancing Blockchain Scalability
- Zero-knowledge proofs (ZKPs) are revolutionizing blockchain scalability, with Ethereum's Layer-2 solutions like zkSync Era and StarkNet achieving 27M+ monthly transactions and 90% gas fee reductions. - Enterprise adoption of ZKPs by Nike , Sony , and UBS , combined with Vitalik Buterin's GKR protocol advancements, is accelerating secure data sharing and DeFi infrastructure development. - The ZKP market is projected to reach $8.52 billion by 2033 as modular architectures and quantum-resistant solutions ad
LUNA Jumps 37.8% Amid Rumors of SBF Receiving a Pardon
- LUNA surged 37.8% in 24 hours on Dec 6, 2025, driven by speculation about a potential pardon for FTX founder Sam Bankman-Fried. - The token, rebranded post-2022 Terra collapse, has risen 92.38% monthly but remains 66.51% below its one-year level. - Market reactions link LUNA's rally to legal developments involving SBF and Terraform Labs founder Do Kwon, whose sentencing is pending. - Analysts highlight renewed investor interest amid regulatory scrutiny and evolving governance models in the post-UST Terra
The Emergence of Prompt Engineering as a Key Strategic Resource in AI-Powered Sectors
- Global AI infrastructure market is projected to reach $1.81 trillion by 2030, driven by prompt engineering as a strategic asset. - 65% of enterprises integrate generative AI in 2025, with prompt engineering boosting productivity by 10–20% in strategic planning. - VC investments in AI hit $100.4B in 2024, with prompt engineering tools attracting $1.38B in 2025 alone. - NVIDIA and Microsoft partnerships highlight prompt engineering’s role in enterprise AI, but data governance risks persist.
Trending news
MoreCrypto prices
More
