Aave users were hit with some concerning news on 13 April following reports of malicious exploit. Initial reports revealed that Aave and Yearn Finance were involved, leading to an alleged $10 million loss.
Is your portfolio green? Check out the AAVE Profit Calculator
Blockchain security and data analytics firm PeckShield was among the first to identify what happened. According to their report, they observed that a large amount of Yearn Finance’s stablecoin yUSDT was minted. This was roughly worth $1.25 million.
The malicious actor behind the exploit reportedly took advantage of yUSDT misconfiguration on Aave. An amount large enough to drain the funds in Yearn Finance.
<p lang=«en» dir=«ltr» xml:lang=«en»>It appears the root cause is due to the misconfigured yUSDT, which is exploited to mint huge yUSDT (1,252,660,242,212,927.5) from a small $10K USDT. The huge yUSDT is then cashed out by swapping to other stable coins. https://t.co/Qz3vwtbcot pic.twitter.com/xlsc2Nlmle— PeckShield Inc. (@peckshield) April 13, 2023
The report led to concerns that the exploit might affect Aave particularly due to the large amount of yUSDT minted. The hacker would reportedly swap the yUSDT for USDT. Hence concerns that the exploit would lead to large losses.
Reports indicated that only $10 million worth of assets were stolen. Meanwhile the DeFi lending and staking protocol put stakeholders at ease after announcing that AAVE V1, V2 and V3 were not affected.
<p lang=«en» dir=«ltr» xml:lang=«en»>We are aware of this transaction, and it did not have an impact on Aave V2 and Aave V3.We are now confirming whether there is any impact on Aave V1, the oldest version of the protocol which has been frozen. We're monitoring the situation closely to ensure no
Read more on ambcrypto.com