Dead protocol leaks crypto funds from hacked pool

As an analyst with a background in blockchain technology and cybersecurity, I find the recent incident of a hacker exploiting the smart contracts of defunct DeFi lending protocol Yield Protocol deeply concerning. Having closely followed the events surrounding Yield Protocol’s shutdown in December 2023 and its recovery from a previous attack on Euler Finance, I am dismayed to see that despite numerous warnings from the team, an unknown hacker managed to steal approximately $181,000 worth of crypto assets.


Hackers successfully extracted funds from the abandoned smart contracts of the decentralized finance (DeFi) lending platform, Yield Protocol.

In December 2023, Yield Protocol announced its closure due to insufficient market demand and mounting regulatory challenges worldwide. Subsequently, they urged investors repeatedly to liquidate their holdings, retrieve their funds, and settle any outstanding debts.

As a researcher, I’ve uncovered some troubling news regarding a recent cyberattack. Approximately $181,000 worth of crypto assets were clandestinely taken from Yield’s strategic contracts on the Arbitrum blockchain. The initial warning came from blockchain investigation firm PeckShield. Subsequently, CertiK confirmed this disquieting development in their investigations.

Dead protocol leaks crypto funds from hacked pool

Based on a follow-up investigation, CertiK’s found:

“The attacker exploited a discrepancy between the pool token balance and total supply with flash-loaned assets and then withdrew extra pool tokens.”

As a financial analyst, I’d put it this way: The official backing for Yield Protocol concluded on February 2nd. Given its past patterns of recovery, there has been an effort to retrieve the stolen funds. However, based on current circumstances, it appears that this endeavor is uncertain at best.

Dead protocol leaks crypto funds from hacked pool

In March 2023, Yield Protocol and ten other decentralized finance (DeFi) platforms experienced financial setbacks following the assault on the non-custodial lending protocol Euler Finance. However, by July 2023, Yield Protocol successfully recuperated from the damages inflicted during the Euler Flash Loan attack.

Dead protocol leaks crypto funds from hacked pool

During that period, Yield Protocol collaborated with Euler to recover the funds by introducing 26 fresh contracts and making around 300 authorized adjustments to reset the maturities of the fixed-yield tokens and revive the protocol.

In the initial phase of 2024, Immunefi, a leading blockchain security firm, announced a significant reduction of approximately one-quarter in losses caused by hacking and fraudulent activities compared to the same period last year.

In the first quarter of 2024, about $336.3 million was stolen through hacking and fraud schemes, representing a decrease from the $437.5 million recorded in the same period the previous year.

Dead protocol leaks crypto funds from hacked pool

As a researcher examining the data, I’ve discovered that there were 46 instances of hacking and 15 occurrences of fraudulent activities reported. The biggest loss was sustained by the cross-chain bridge protocol Orbit Bridge, with a staggering sum of $81.7 million being taken.

Read More

2024-04-30 12:58