Wed. Jul 17th, 2024

• Ethereum-based DeFi protocols Aave and Yearn Finance have been affected by an exploit, according to blockchain security firm PeckShield.
• The exploit focuses on Aave V1, and is estimated to have caused damages of up to $11 million.
• Aave responded to the exploit, saying that it had not impacted Aave V2 or V3 and that they were monitoring the situation closely.

Exploit Affects Ethereum’s Popular DeFi Protocols

Two of Ethereum’s most popular decentralized finance (defi) protocols, Aave and Yearn Finance, have been affected by an exploit, according to early reports this morning from blockchain security firm PeckShield.

Details of the Exploit

The company directed a tweet to Aave asking it to verify a specific transaction hash. According to PeckShield, DeFi aggregator Yearn Finance is suspected to have been attacked by a flash loan. The exploit focuses on Aave V1, and the damage could exceed $11 million. The attacker received a mix of stablecoins from Yearn Finance and Aave which included 3,032,142 DAI; 2,579,483 USDC; 1,785,091 BUSD; 1,512,528 TUSD; and 1,193756 USDT.

Aave Responds

Aave responded to PeckShield in a tweet: We are aware of this transaction, and it did not have an impact on Aave V2 and Ave V3. We are now confirming whether there is any impact on Ave V1 – the oldest version of the protocol which has been frozen – monitoring the situation closely to ensure no further concerns. Marc Zeller – head of integration at Ave – went into greater detail in subsequent tweets stating that v1 had been frozen since December 2022 meaning no user could deposit money or increase credit amount “making a problem unlikely but not impossible” though he added that users can repay/withdraw their funds via traditional app regardless due being able freeze v1 protocol as well as size of Ave security module currently sitting at 382 million dollars compared with 18 million for v1 protocol.

No Known Impact On Other Versions Of Ave Protocol

In response to twitter user question @marczeller confirmed there was currently no known impact on AveV2 &V3 protocols stating “To our current knowledge zero”

Summary

Ethereum-based DeFi protocols Aave &YearnFinance have been affected by an exploitthe focus being on AveV1 with potential damages exceeding $11million .Ave responded confirming no impacton AveV 2&3 while monitoring situationclosely &Marc Zeller -headofintegrationatAve- provided further details stressing despite possible risk users can still repay/ withdraw their funds via traditional appdue both Avenue Security Module currently sitting at 3822million dollarscompared with18millionforv 1protocol &freezingofprotocol since December 2022 .

By admin