Another day in the wild world of DeFi, and Yearn Finance has messed up big time with an $11 million mishap. It’s hard to believe, but it’s true.
On April 13, 2023, Yearn Finance on the Ethereum chain was attacked due to a misconfiguration in the yUSDT vault. The attackers exploited this vulnerability and stole approximately $11.54 million.
Yearn Finance is a yield aggregator that offers various services on the Ethereum blockchain. These services include lending aggregation, yield generation, and insurance services for individuals, DAOs, and other protocols.
To learn more about the project, check out the official documentation.
Vulnerability Analysis & Impact:
Victim Contract: 0x83f798e925BcD4017Eb265844FDDAbb448f1707D
First Txn: 0xd55e43c1602b28d4fd4667ee445d570c8f298f5401cf04e62ec329759ecda95d
Second Txn: 0x8db0ef33024c47200d47d8e97b0fcfc4b51de1820dfb4e911f0e3fb0a4053138
The Root Cause:
The vulnerability was caused by a misconfiguration in the yUSDT vault. Specifically, the contract’s Fulcrum address pointed at the iUSDC token instead of the iUSDT token, so the vault depended on a pool whose underlying asset (USDC) did not match its own (USDT). This mismatch was exploited to mint a huge amount of yUSDT tokens. The misconfiguration was present at the time of deployment and went unnoticed for approximately 1000 days.
- The attacker initially funded their wallet using Tornado Cash. They took a flash loan of 5M DAI, 5M USDC, and 2M USDT and deposited the funds into the yUSDT contract.
- The yUSDT contract mints tokens that represent USDT deposits in Yearn Finance. The attacker redeemed yUSDT and withdrew all assets from the Aave V1 vault. They then minted bZxUSDC and sent it to the contract, which increased the price of each share.
- The hacker triggered a rebalance, which led to the redemption of bZxUSDC into USDC and effectively reduced the value per yUSDT to zero. The hacker then deposited 1 wei of USDT into the yUSDT contract, allowing them to mint over 1 quadrillion yUSDT tokens.
- The yUSDT was swapped for USDT, USDC, and DAI in Curve pools. After paying back the flash loan, the hacker kept most of the stolen funds, worth about 11.54 million dollars.
The flow of funds:
On April 13, the attacker transferred 1000 ETH to Tornado Cash from their second EOA (0x16af29b7).
As of the writing of this blog, the attacker holds around $9,817,782 across all three of their wallets. More details are provided below:
13–4–2023: The Yearn Finance team clarified that the exploit occurred in the legacy iearn protocol and liquidity pool launched in 2020. Yearn v2 vaults were not affected by the exploit.
13–4–2023: The team also acknowledged the incident with the outdated contract from before vaults v1 and v2. They will be sharing further updates after a detailed investigation.
13–4–2023: Aave clarified that the incident had no impact on their V1, V2, and V3 contracts.
13–4–2023: The attacker transferred 1000 ETH to Tornado Cash. The rest of the money is still in the attacker’s wallets.
How the attack could have been prevented:
The attack could have been prevented if the Fulcrum address had been properly validated and confirmed before deployment. The deployer should have passed the address of the iUSDT token, not iUSDC, to the constructor. Had the vault’s dependency matched its underlying asset, the attack would not have been possible.
Moreover, this demonstrates the importance of conducting a security review of deployment scripts to verify that every deployment parameter is correctly configured, and of having the contract itself reject a dependency whose underlying asset does not match its own.
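The following is an added example, not code from Yearn or from the original post, of how a vault constructor can enforce the check described above: before accepting a lending-market receipt token as a dependency, it asks that token which underlying asset it wraps and reverts the deployment on a mismatch. The contract name CheckedYieldVault is hypothetical, and the getter names used in the three interfaces (loanTokenAddress for a bZx Fulcrum iToken, underlyingAssetAddress for an Aave V1 aToken, underlying for a Compound cToken) are assumptions based on those projects’ public contracts and must be verified against the exact versions being integrated.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal interfaces for the receipt tokens the vault depends on.
// Assumed getter names (verify against the deployed lending-market contracts):
//   bZx Fulcrum iToken  -> loanTokenAddress()
//   Aave V1 aToken      -> underlyingAssetAddress()
//   Compound cToken     -> underlying()
interface IFulcrumToken {
    function loanTokenAddress() external view returns (address);
}

interface IAaveAToken {
    function underlyingAssetAddress() external view returns (address);
}

interface ICompoundCToken {
    function underlying() external view returns (address);
}

// Hypothetical vault skeleton; only the deploy-time validation is shown.
contract CheckedYieldVault {
    address public immutable token;    // the stablecoin this vault accepts, e.g. USDT
    address public immutable fulcrum;  // bZx iToken that must wrap `token`
    address public immutable aave;     // Aave V1 aToken that must wrap `token`
    address public immutable compound; // Compound cToken that must wrap `token`

    constructor(address _token, address _fulcrum, address _aave, address _compound) {
        // Cheap sanity checks first: no zero addresses, and every dependency
        // must actually be a contract (a typo'd EOA address would fail here).
        require(_token != address(0), "token: zero address");
        require(_fulcrum.code.length > 0, "fulcrum: not a contract");
        require(_aave.code.length > 0, "aave: not a contract");
        require(_compound.code.length > 0, "compound: not a contract");

        // The core check: each receipt token must wrap THIS vault's underlying.
        // Handing an iUSDC address to a USDT vault reverts the deployment instead
        // of silently going live with a mismatched dependency.
        require(
            IFulcrumToken(_fulcrum).loanTokenAddress() == _token,
            "fulcrum: underlying mismatch"
        );
        require(
            IAaveAToken(_aave).underlyingAssetAddress() == _token,
            "aave: underlying mismatch"
        );
        require(
            ICompoundCToken(_compound).underlying() == _token,
            "compound: underlying mismatch"
        );

        token = _token;
        fulcrum = _fulcrum;
        aave = _aave;
        compound = _compound;
    }

    // Re-runnable invariant for monitoring or a post-deployment test: returns
    // false if any dependency no longer reports the vault's own underlying asset
    // (for example after an upgradeable dependency changes behind the vault).
    function dependenciesConsistent() external view returns (bool) {
        return IFulcrumToken(fulcrum).loanTokenAddress() == token
            && IAaveAToken(aave).underlyingAssetAddress() == token
            && ICompoundCToken(compound).underlying() == token;
    }
}
```

Because the addresses are immutable and validated once in the constructor, the check costs nothing on the hot path, and a deployment script that passes the wrong iToken fails loudly on a fork or testnet rather than a thousand days later. The same assertions belong in the deployment script itself (query each dependency’s underlying off-chain and compare it to the intended stablecoin before sending the deploy transaction), so that a mistake is caught even for contracts that cannot be changed to include the on-chain check.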
Web3 security: the need of the hour
Why QuillAudits for Web3 Security?
QuillAudits is well-equipped with the tools and expertise to provide cybersecurity solutions, preventing the loss of millions in funds.