Yearn Finance starts asset recovery after $9 million exploit on November 30

Markets 2025-12-03 10:09

Yearn Finance has started the recovery process for funds that were stolen when a $9 million exploit hit its yETH stableswap pool on November 30.

The DeFi protocol announced it successfully clawed back $2.39 million worth of assets, which are to be returned to affected depositors.

As reported by Cryptopolitan, the exploit occurred at 21:11 UTC, and it targeted a custom version of stableswap code. Yearn Finance confirmed that its main V2 and V3 vault products weren’t affected by the incident and remain secure for users.

Yearn Finance recovers $2.39 million in coordinated effort

The protocol announced the recovery of 857.49 pxETH, valued at $2.39 million, through a collaborative operation with the Plume and Dinero teams. Yearn Finance stated that the process of recovery is still ongoing, and any other assets recovered will be returned to the affected depositors.

The clawback operation comes just days after the initial exploit. A war room with SEAL911 and audit partner ChainSecurity remains active as the full postmortem investigation continues. The security response involves tracking the movement of stolen assets and working to prevent further losses.

The $9 million exploit breakdown

Collectively, the two pools lost around $9 million. The heaviest impact was taken by the stableswap pool that was affected, which lost about $8 million. Curve also suffered, as the yETH-WETH Stableswap was drained for another $900,000.

The attacker used a vulnerability that could mint a large number of yETH tokens. According to early analysis from Yearn Finance, the hacker minted about 235 trillion yETH without providing necessary collateral.

By using the inflated token balance, the attacker was able to swap the unbacked yETH for legitimate liquid staking assets such as stETH, rETH, and cbETH from the stableswap pool and wrapped Ethereum from the Curve pool.

Legacy pool vulnerability exposed

This contract was a customized version of one of the popular stableswap codes and was independent of the rest of the Yearn Finance products. The protocol stressed that no other Yearn product uses similar code to what was compromised in the attack.

The vulnerability involved an older, legacy contract related to the yETH token. That allowed the attacker to mint new tokens without the necessary collateral backing, essentially creating tokens out of thin air.

Yearn Finance explained that the initial analysis places this hack at a similar level of complexity to the recent Balancer exploit. The yETH stableswap pool was not connected to the main Yearn V2 and V3 vault infrastructure, which helped isolate the hack and thus stop the exploit from spreading to its core products.

Attacker launders funds through a mixer

The attacker, within hours of the exploit, started to move stolen assets in order to obscure their trail. About 1,000 ETH, worth approximately $3 million, was subsequently transferred into crypto mixing service Tornado Cash.

As of December 1, approximately $6 million of stolen funds remained in the attacker wallet address 0xa80d.c822. The remaining funds were comprised primarily of staked ETH derivatives that had not been laundered yet.

The Yearn Finance team put out clear statements indicating that the core products of their vaults were not susceptible to the exploit. V2 and V3 vaults lie in a separate smart contract, with their codebase different from that of the affected legacy pool.

Users who had funds in Yearn V2 and V3 vaults did not have to do anything. The protocol explained that the incident that occurred on November 30 affected only depositors in the particular yETH stableswap pool.

November crypto security incidents

The Yearn Finance hack closed out a difficult month for crypto security. November 2025 saw nearly $200 million in losses across multiple high-profile platforms and protocols.

The month’s largest incident was a $134 million exploit of Balancer, caused by a rounding error in smart contract logic. South Korean exchange Upbit suffered a hot wallet compromise that resulted in losses between $30 million and $38 million.

Other November incidents included a $3.1 million smart contract takeover at GANA Payment and approximately $5 million in losses at Hyperliquid from price manipulation.

If you're reading this, you’re already ahead. Stay there with our newsletter.

Share to:

This content is for informational purposes only and does not constitute investment advice.

yearn finance STOandOn-Chain
Recommended Reading
2025-12-05 14:21
Enjin Coin Price Analysis: ENJ Soars 50% After Falling to 5-Year Low
2025-12-05 13:48
Enjin Coin price prediction 2025-2031: Can ENJ price reach $10?
2025-12-05 13:45
Will Sensota Upgrade Fire Up Enjin Crypto: ENJ Price Prediction For Q4
2025-12-05 13:16
Enjin Coin Price Prediction 2025: Slow ENJ Recovery Likely
2025-12-05 12:00
Euler (EUL) Price Falls 25% After Binance Spot Listing: What’s Behind the Sell-Off
2025-12-05 11:26
AltLayer Price Prediction 2025: ALT Smashes Past Resistance

Popular Articles

Curated Series

SuperEx Popular Science Articles Column

SuperEx Popular Science Articles Column

This collection features informative articles about SuperEx, aiming to simplify complex cryptocurrency concepts for a wider audience. It covers the basics of trading, blockchain technology, and the features of the SuperEx platform. Through easy-to-understand content, it helps users navigate the world of digital assets with confidence and clarity.
Unstaked related news and market dynamics research

Unstaked related news and market dynamics research

Unstaked (UNSD) is a blockchain platform integrating AI agents for automated community engagement and social media interactions. Its native token supports governance, staking, and ecosystem features. This special feature explores Unstaked’s market updates, token dynamics, and platform development.
XRP News and Research

XRP News and Research

This series focuses on XRP, covering the latest news, market dynamics, and in-depth research. Featured analysis includes price trends, regulatory developments, and ecosystem growth, providing a clear overview of XRP's position and potential in the cryptocurrency market.
How do beginners trade options?How does option trading work?

How do beginners trade options?How does option trading work?

This special feature introduces the fundamentals of options trading for beginners, explaining how options work, their main types, and the mechanics behind trading them. It also explores key strategies, potential risks, and practical tips, helping readers build a clear foundation to approach the options market with confidence.

What are the risks of investing in cryptocurrency?

What are the risks of investing in cryptocurrency?

This special feature covers the risks of investing in cryptocurrency, explaining common challenges such as market volatility, security vulnerabilities, regulatory uncertainties, and potential scams. It also provides analysis of risk management strategies and mitigation techniques, helping readers gain a clear understanding of how to navigate the crypto market safely.