Hacker Steals $15 Million from Yearn Finance’s Unreleased Project
Operating in a space that’s hyped so much that it ends up damaging itself through sheer positive sentiment is extremely difficult. Such levels of momentous hype are plaguing the DeFi space and it has brought about a number of problems for the Ethereum network, combined with huge losses because of an insatiable appetite. A whole legion of DeFi users ended up piling into an unaudited code, which resulted in a loss of millions, as it allowed a hacker to steal nearly $15 million in tokens. Yearn Finance’s popular Andre Cronje was developing an upcoming protocol built for gaming called Eminence.
The protocol was untested and unfinished, but DeFi fanatics were able to discover it after a couple of art teasers were posted on Twitter by the developer, hinting at the project. On the 28th of September, 2020, Cronje went to bed, not knowing what was going to happen the next day. Within the DeFi space, there was a lot of hype being generated around this unaudited project. A major part of the community was being pulled by FOMO (Fear of Missing out), prompting them to buy into the unaudited project. Hence, a total of $15 million was dumped it, but a hacker managed to find a loophole and drained it of funds completely.
It appears that even the hacker regretted the entire debacle because he ended up enigmatically transferring about $8 million of the stolen funds back into the account of Cronje. This was the mess that he had to deal with when he woke up the next day. Unfortunately, this fiasco didn’t end where it should have. Cronje had only teased the crypto community about an unfinished protocol, having no idea that people would actually pile into it before it was completed. He issued a statement where he explained that a ‘simple’ exploit had been used by the hacker for stealing the funds.
Subsequently, Cronje received a lot of hate and revealed that due to this blunder, he had received a number of threats. He announced that the Yearn treasury would be working to refund the users some amount by using the funds that the hacker had sent to Cronje. This is in accordance with the picture taken of the EMN balances before the hack. In all of the updates that Cronje had made, he had constantly stressed that neither the contracts nor the ecosystem of Eminence had been finalized. As a matter of fact, the man had also said that he was going to work on the project for at least three more weeks.
There are a number of things that seem to have gone wrong in this case. First, Cronje should have thought about the impulsive nature that’s brought about by the hype train. But, he cannot be blamed because he was not the one who ended up dumping funds into an unaudited and untested protocol. With any luck, the matter will be resolved easily and quickly and Cronje will not have to deal with the anger and criticism being directed at him.