YFI +0.62% After Partial Recovery From $9M Exploit

Generated by AI AgentCryptoPulse AlertReviewed byAInvest News Editorial Team
Tuesday, Dec 2, 2025 7:10 pm ET2min read
Aime RobotAime Summary

- Yearn Finance recovered $2.4M of $9M lost in a yETH stableswap pool exploit via Plume and Dinero collaboration.

- Attackers exploited contract vulnerabilities on Nov 30, 2025, draining assets through yETH and yETH–WETH pools.

- Partial

Ethereum
recovery was hindered by Tornado Cash laundering, though LST assets were traced and redirected.

- V2/V3 vaults ($600M+) remained unaffected; protocol emphasizes patching legacy contracts to prevent future breaches.

- YFI rebounded 0.62% after partial recovery, though the token still fell 9.5% weekly and 53.36% annually.

On DEC 2 2025, YFI rose by 0.62% within 24 hours to reach $3713, YFI dropped by 9.5% within 7 days, dropped by 9.87% within 1 month, and dropped by 53.36% within 1 year.

DeFi Protocol Recovers $2.4M in Aftermath of $9M yETH Exploit

Yearn Finance has recovered $2.4 million of the $9 million lost in a high-profile exploit of its legacy yETH stableswap pool. The incident occurred on November 30, 2025, when attackers exploited a vulnerability in the contract’s custom code, enabling them to mint a large amount of yETH and drain assets from two pools. Over $8.9 million was siphoned across the yETH stableswap pool and the yETH–WETH pool on Curve.

The recovery was made possible through a collaborative effort with Plume and Dinero. On December 1, 2025,

Yearn
confirmed the successful retrieval of 857.49 pxETH, equivalent to $2.39 million, which will be returned to affected depositors. The protocol emphasized that user reimbursements are expected to begin soon, with further recovery efforts still underway.

Security Response and Ongoing Recovery Efforts

Following the breach, Yearn, along with security teams from SEAL 911 and ChainSecurity, launched an immediate response. Engineers worked to contain the damage while tracing the stolen assets. A portion of the

Ethereum
was laundered through
Tornado Cash
, complicating full recovery. However, investigators were able to track several LST assets linked to the attacker’s wallets, allowing for the neutralization of pxETH positions and the redirection of value back to users.

Yearn reiterated that its V2 and V3 vaults—holding over $600 million—were unaffected by the exploit, as they operate on separate code paths. The protocol remains focused on identifying and patching older contracts to prevent similar vulnerabilities in the future.

Exploit Adds to Ongoing DeFi Security Concerns

The yETH exploit adds to a recent wave of DeFi-related security incidents. In late November, both Prisma Finance and Raft Finance reported losses due to contract flaws and compromised keys. Earlier in 2025, Curve Finance also suffered a significant exploit due to a Vyper compiler bug.

Industry experts continue to highlight the risks associated with legacy smart contracts and the increasing complexity of DeFi infrastructure.

Yearn Finance
is preparing a detailed post-mortem report once its audit partners finalize their review. The report will provide a comprehensive analysis of the attack vector, response timeline, and measures taken to prevent future incidents.

Community Response and Market Impact

Community members have been actively engaged in tracking the recovery progress through Yearn’s Discord channels. The exploit initially caused a sharp drop in YFI, with the token falling nearly 10% on the day of the incident. However, the announcement of the partial recovery helped stabilize sentiment, leading to a partial rebound in the token’s price. At the time of writing, YFI is trading at $3,713.

The DeFi community is now watching closely to see how Yearn Finance will evolve its security measures and whether additional vulnerabilities exist in its broader codebase. For now, the partial recovery serves as a testament to the resilience of the Yearn ecosystem in the face of a significant security breach.