- An attacker exploited Aave and Yearn Finance with a flash loan.
- The address associated with the attack stole at least $10 million.
- Aave responded to the attack by saying that it was looking into it.
On Thursday, an exploiter attacked Aave and Yearn Finance, another DeFi protocol, using a flash loan and drained more than $10 million.
According to blockchain security firm Lookonchain, all the stolen $10 million is in stablecoins DAI, USDC, BUSD, TUSD, and USDT.
The team behind the protocol said on Twitter that they are aware of the exploit and that the attack hasn’t impacted Aave v2 and v3.
Aave Chan Initiative founder Marc Zeller said on Twitter that the exploit targeted Aave v1, the oldest protocol version, frozen since December 2020.
According to Zeller, no user could deposit or increase borrow size on Aave v1, which made the issue “unlikely but not impossible.”
Aave’s governance token AAVE had no material reaction to the news. AAVE is trading at $77.88, up 0.7% on the day, according to data from CoinGecko.
On the Flipside
- The full details about the exploit are still unavailable.
Why You Should Care
Aave is known to be resilient to exploits. Seeing one of the oldest DeFi protocols attacked and drained for millions of dollars is concerning. That’s why investors should always do their own research before deciding where to invest their funds.
Read more about the Euler hacker returning everything they had stolen:
Read more about Ethereum’s Shanghai upgrade: