The world of crypto is often called the Wild West and the argument is not without merit. The market is very volatile, and scams and hacks abound.
Recently, a shocking case of a crypto hack has come into view, in which the hacker's payday was cut short.
On Nov. 30, Yearn Finance, a popular decentralized finance (DeFi) protocol dedicated to yield aggregation, suffered a loss of approximately $9 million in a security incident.
The funds got drained from yETH, a Yearn token that puts different types of staked Ethereum (ETH) into a single asset.
Initial analysis indicated this hack has a similar high complexity level to the recent Balancer hack, so please bear with us as we perform the post-mortem analysis.
There is no other Yearn product using similar code to what was impacted.
— yearn (@yearnfi) December 1, 2025
On Dec. 1, Yearn Finance released a detailed report and said the security incident resulted from a combination of a “low-level numerical bug” and a “high-level invariant-management issue.”
First, the issuer warned the hacker that their ERC-20 tokens were at risk of being burned and blacklisted. It asked the hacker to deposit them in a pool or swap them to ETH to avoid that outcome.
Later, a Yearn deployer address urged the hacker to open communication via an on-chain signed message or any secure channel.
"We are prepared to handle this privately and professionally, and are open to discussing terms constructively."
Finally, the crypto hacker's stolen tokens, worth approximately $2.4 million, were burned by the issuer on Dec. 1, and an equivalent amount was simultaneously minted to the team’s multisig.
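Token burning is the process of permanently removing cryptocurrency tokens from circulation. Projects typically do this by sending tokens to an unreachable “burn address,” ensuring they can never be used, sold or recovered. In this incident, by contrast, the issuer burned the tokens directly from the attacker's balance, which is only possible when the token contract gives the issuer that privilege.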
Burning can reduce a token’s total supply, which may increase scarcity or help stabilize an ecosystem after hacks, exploits or excessive issuance. Some protocols burn tokens on a schedule, while others burn them in response to specific events, such as buybacks or governance decisions.
857 pxETH worth $2.4 million was burned from the @yearnfi attacker's balance and the same sum was minted to Redacted Cartel multisig.
The hacker still has $3.7 million in various LSTs. https://t.co/9V4pusn5pH
— Defimon Alerts (@DefimonAlerts) December 1, 2025
This isn't the first time that Yearn Finance has suffered an exploit. It previously lost $11 million in each of two breaches, in 2021 and 2023.