Unreleased Yearn Finance Project Sees Hacker Stealing $15 Million Author: Ali Raza Last Updated: 29 September 2020 It must be tough operating in a space with so much hype that it actually manages to damage itself by sheer positive sentiment. The DeFi space is suffering from these levels of momentous hype, causing an array of problems for the Ethereum network, alongside incredible losses due to an insatiable appetite. An entire legion of DeFi users piled into an unaudited code, causing millions of losses as a hacker managed to steal $15 million in tokens. Eminence Getting Hacked Before Official Launch Eminence was an upcoming, unfinished protocol built for gaming, and was built by the popular Andre “I test in production” Cronje of Yearn Finance. DeFi fanatics had managed to discover this untested protocol after the developer posted several art teasers for the project itself on Twitter. Cronje went to bed on the 28th of September, 2020, none the wiser as to what will happen the next day. Meanwhile, within the DeFi space, massive amounts of hype were being generated for this unaudited project, with the community at large pulling a large-scale FOMO and buying into the untested protocol. About $15 million was dumped into EMN, but an exploit was quickly found, and the protocol was completely drained of funds. It seems that even the hacker that did this felt sorry for the entire debacle, as the hacker had enigmatically decided to transfer $8 million of these funds back into the Yearn deployer account of Cronje. That was the mess that Cronje had to wake up to. Receiving Threats Over Untested Project Sadly, this fiasco can’t just end where it should, where a man teased an unfinished protocol, thinking that no one would pile on to it in the meantime. Cronje gave a statement about the matter, explaining that the hacker had made a “simple” exploit in order to steal these funds. The man has subsequently received a lot of hate, as a result of this spectacular blunder, and told Crypto Twitter that he had been receiving a number of threats as of late due to this. He announced that Yearn treasury would work towards refunding the users the funding that Cronje had received from the hacker. This runs in accordance with a snapshot made of EMN balances prior to the hack. As I am receiving a fair amount of threats, I have asked yearn treasury to assist with refunding the 8m the hacker sent. The multisig is safer and as such I feel more comfortable with them having the funds. Funds will be returned to holders pre-hack snapshot. https://t.co/wbputn5hYD — Andre Cronje (@AndreCronjeTech) September 29, 2020 Blunders. Blunders Everywhere. Cronje had stressed the fact that neither the ecosystem, nor the contracts of Eminence were final, to begin with, and the man himself had planned on working on the project for at least three more weeks. There are many things that went wrong in this case. Cronje should have accounted for the impulsive nature that the hype train causes, but at the same time, he wasn’t the one dumping funds into an untested protocol. With any luck, this can all be resolved quickly and easily.