With the help of the Tornado Cash crypto mixer, the thief has already exchanged 1,000 Ether ($2 million).
The thief was capable of making almost 1 quadrillion Yearn Tether (yUSDT) from $10,000 thanks to a hole that was found by a blockchain security business called PeckShield. This leak allowed him to connect to the latest DeFi exploit.
The attacker then converted the yUSDT to other stablecoins, as described by the security company, enabling them to seize stablecoins worth $11.6 million.
PeckShield has reported that the hacker has successfully transferred 1,000 Ether, worth nearly $2 million, to Tornado Cash. The blockchain security company also notified Aave and Yearn.finance about the incident in the DeFi protocols.
Following initial investigations, Yearn.finance stated that the issue was limited to the old iearn contract predating vaults v1 and v2. The DeFi standard confirms that the current contracts and protocols of Yearn.finance remain unaffected by the vulnerability.
The sale has been made known to Aave as well, they added. Based on the current confirmation from the liquidity protocol, Aave v1, v2, and v3 weren’t compromised.
Although the DeFi industry is still plagued by breaches in 2023, less money has been lost as a result of hacks than in years past. More than $320 million was lost to cyberattacks in the first quarter of 2023, based on the quarterly report by CertiK. In comparison to the first quarter of 2022, when losses were $1.3 billion, and the fourth quarter, when hacking cost $950 million, the losses were significantly smaller.