Yearn Finance has been hit with a significant exploit, where attackers drained approximately $9 million from its yETH pool. Analysis by PeckShieldAlert suggests that the attack involved excessive minting of yETH tokens, which caused a rapid drop in liquidity within the pool. The Ethereum side of Yearn’s ecosystem is impacted as the exploit affects vaults focused on staking and wrapped ETH positions. 1,000 ETH were then transferred to Tornado Cash, a renowned crypto mixer that processes deposits before splitting them across various withdrawal addresses. On-chain data shows the attacker used this tactic, with repeated transfers of smaller amounts (100 ETH) to Tornado Cash, totaling about $3 million. While a significant portion of the funds moved through Tornado Cash, some assets remained within the exploiter’s control. Following the transfer, the exploiter was left with approximately $6 million in crypto holdings. The exploit’s details and movement were confirmed by PeckShieldAlert, which labeled it as an attack instead of a routine contract function due to uncontrolled minting that led to immediate liquidity depletion. The incident has drawn attention to the importance of securing contracts through limitations on minting functions. 742.63 fXETH worth $2,099,554.01 and 857.49 pXETH worth $2,447,696.00 were also held within the exploiter-controlled address. These holdings reveal that the exploiter holds significant amounts of Ethereum-based tokens. Yearn Finance’s exploit has sparked a broader market reaction with Ethereum’s price falling nearly 5%, indicating increased selling pressure following the incident. This downturn follows a period of consolidation and trading volume picking up, suggesting deeper participation in the sell-off.