Two of Ethereum’s most popular DeFi protocols, Aave and Yearn Finance, have reportedly suffered an exploit.
Blockchain security firm PeckShield has directed a tweet to Aave requesting verification of a specific transaction hash.
According to the security firm, Yearn Finance was attacked by a flash loan, and the exploit has affected Aave V1, with damage potentially exceeding $11 million.
The attacker received a mix of stablecoins from Yearn Finance and Aave, capturing over $10 million in DAI, USDC, BUSD, TUSD, and USDT.
Aave has confirmed the transaction but stated that it has not impacted Aave V2 and V3. Aave V1 has been frozen since December 2022, with no users able to deposit or increase credit amounts, making the problem unlikely but not impossible.
Head of Aave integration, Marc Zeller, confirmed that there is currently no known impact on Aave V2 and V3, and users can repay and withdraw their funds from V1 via the traditional app.
Crypto researcher Samczsun of Paradigm has claimed that Yearn Finance’s USDT version, yUSDT, has been broken since its launch. Despite the news, ETH maintains its upward trend, standing at $1,992 at press time.