Yearn yUSDT Vault Exploit
ExploitTaxonomy (scoring alignment)
Category: vault contractMechanism: logic errorMaps to: code, upgrade, centralization
Affected assets: USDT, DAI, USDC, BUSD, TUSD
Flash loan attack on legacy yUSDT vault. Misconfiguration used wrong Fulcrum token address (iUSDC instead of iUSDT), allowing attacker to mint 1.2 quadrillion shares and drain ~$11.5M in stablecoins via Curve.
Yearn • yUSDT