Legacy Yearn Vault Exploited in Second Attack on the Protocol This Month

The recent flash‑loan attack on Yearn's legacy iEarn TUSD vault illustrates how even dormant contracts can become lucrative targets. Attackers leveraged the immutable nature of the old vault to manipulate share pricing, extracting value without compromising newer Yearn infrastructure. This incident serves as a reminder that DeFi ecosystems must maintain rigorous monitoring of all deployed code, not just active products, to mitigate hidden vulnerabilities.

Yearn's broader trajectory adds context to the exploit's impact. After peaking at $7 billion TVL in 2021, the protocol has struggled with a series of hacks and market downturns, now operating at roughly $562 million—a 124% year‑to‑date increase but a 92% drop from its all‑time high. The recent $300k loss is modest compared with the $9 million breach earlier this month, yet it reinforces investor wariness and contributes to a 6% dip in YFI, which remains down 70% over the past year.

For the DeFi industry, the lesson is clear: legacy contracts are not immune to exploitation. As platforms evolve, they must allocate resources to audit, deprecate, or migrate outdated codebases, integrating automated monitoring tools to detect anomalous activity. Strengthening governance around contract upgrades and fostering transparent communication—like Yearn's prompt X announcement—can help preserve user confidence and protect ecosystem value in an increasingly competitive and security‑focused market.