A gaming multiverse initiative associated with prominent DeFi developer Andre Cronje and Yearn Finance became the latest victim of a cryptocurrency exploit, resulting in losses totaling $15 million. T
A gaming multiverse initiative associated with prominent DeFi developer Andre Cronje and Yearn Finance became the latest victim of a cryptocurrency exploit, resulting in losses totaling $15 million. The project, known as Eminence (EMN), fell prey to attackers who uncovered fundamental vulnerabilities in the unaudited smart contracts.
The situation unfolded rapidly. Cronje had shared teasers for Eminence on social media before logging off for the evening. Eager crypto investors, driven by the fear of missing out on what they perceived as an attractive opportunity, hastily deposited approximately $15 million into the protocols. What transpired was swift and devastating—the entire deposited amount was siphoned through an exploit. In an unusual turn of events, the attacker transferred $8 million of the stolen funds directly to Cronje's yearn deployer wallet.
Cronje explained the chain of events in a subsequent Twitter post: "Yesterday we finished the concept behind our new economy for a gaming multiverse (Eminence)…I deployed 2 separate batches of contract. We posted the first clan 'Spartans' and I went to bed. I was messaged awake to find out a) almost $15 million was deposited into the contracts b) the contracts were exploited for the full $15 million and c) $8 million was sent to my yearn: deployer account."
The vulnerability exploited proved straightforward. The attacker leveraged a basic attack vector: generating substantial quantities of EMN tokens via the bonding curve mechanism, converting the EMN into alternate cryptocurrencies, and then liquidating those assets back for EMN.
Significantly, Cronje disclosed that Eminence was nowhere near operational status. The foundational infrastructure and ecosystem components remained under development, with the project requiring a minimum of three weeks or more before approaching readiness.
In response, Yearn Finance's treasury committed to covering reimbursement of the $8 million that had reached Cronje's account, a gesture aimed at addressing some of the community's losses from what many viewed as another cautionary tale regarding the risks of deploying unvetted code in the decentralized finance sector.
