TLDR:
- Yearn recovered $2.39M in pxETH from a $9M exploit targeting its custom yETH stableswap pool
- Attackers minted trillions of tokens using just 16 wei through a vulnerability on November 30
- Recovery teams including SEAL911 and Chain Security continue investigating the complex attack
- The exploit affected only the yETH pool while Yearn V2 and V3 vaults remained secure
Yearn Finance announced the successful recovery of 857.49 pxETH valued at $2.39 million following a major exploit that targeted its yETH stableswap pool. The recovery operation involved coordinated efforts between Yearn and the Plume and Dinero teams.
The incident resulted in total losses of approximately $9 million on November 30, 2025. Recovery operations remain active as teams work to retrieve additional assets for affected depositors.
Attack Exploits Custom Stableswap Code With Minimal Input
The exploit occurred at 21:11 UTC on November 30 when attackers targeted the yETH stableswap pool.
Hackers minted trillions of tokens using just 16 wei as input through a vulnerability in the custom stableswap code. The attack affected a specialized version of popular stableswap architecture that operates independently from other Yearn products.
Yearn reported losses totaling approximately $8 million from the impacted stableswap pool itself. An additional $900,000 disappeared from the yETH-WETH Stableswap pool on Curve.
The vulnerability did not impact Yearn V2 or V3 vaults, which remain secure. The platform confirmed that no other Yearn products use similar code to the compromised contract.
The recovered funds moved through a multisig wallet designed for secure handling during the recovery process. Teams transferred the 857.49 pxETH through coordinated channels with Plume and Dinero.
Yearn pledged to return all successfully recovered assets to depositors who suffered losses. The platform opened support tickets on Discord for affected users seeking assistance.
Investigation Teams Compare Incident to Recent Balancer Attack
Yearn activated a war room with SEAL911 and Chain Security to conduct a full postmortem investigation.
Initial analysis suggested the hack carries a complexity level similar to the recent Balancer exploit. The technical sophistication of the attack required extensive forensic work to understand the exact mechanism.
Teams continue analyzing the vulnerability to prevent similar incidents across DeFi protocols.
The incident highlights ongoing security challenges facing decentralized finance platforms despite rigorous auditing processes.
Chain Security had previously audited the yETH contract as a partner. The vulnerability still managed to slip through existing security measures. Investigations focus on identifying how attackers discovered and exploited the specific weakness in the custom code.
Recovery efforts remain ongoing as teams work to trace and retrieve remaining stolen assets. The partial recovery of $2.39 million represents roughly 26% of total losses.
Additional funds may be recoverable as investigation teams continue their work. The case demonstrates both the risks inherent in DeFi protocols and the community’s capacity for coordinated response.
The post Yearn Finance Claws Back $2.39M From $9M yETH Hack in Ongoing Recovery Push appeared first on Blockonomi.
Source: https://blockonomi.com/yearn-finance-claws-back-2-39m-from-9m-yeth-hack-in-ongoing-recovery-push/