Abdul Sami J. 
June 17, 2022 
Harvest finance got hacked for around $34M due to a flashloan attack which manipulated the price in the Curve pool to retrieve more USDT tokens than originally deposited USDT amount in fUSDT pool. This attack was also possible on other f-pools using the same set of steps described below. But the attacker chose not to continue. If the attack had continued, the attacker would have walked away with ~$400M worth of assets. Harvest is a type of yield farming protocol the same as YFI (Yearn Finance). It gathers yields from various lending protocols and optimizes for the maximum gain to return to depositors. The attacker performed an arbitrage attack by using a large flash loan. https://ethtx.info/mainnet/0x9d093325272701d63fdafb0af2d89c7e23eaf18be1a51c580d9bce89987a2dc1/ We will be focusing on this specific transaction to understand the hack. https://etherscan.io/tx/0x9d093325272701d63fdafb0af2d89c7e23eaf18be1a51c580d9bce89987a2dc1 We have put together a GitHub repository to reproduce the attack. Here is the Github repo: https://github.com/abdulsamijay/Defi-Hack-Analysis-POC/tree/master/src/harvest-finance Also read Pickle Finance Hack Analysis & POC.Introduction
The Exploit
Detailed Transaction Trace
Try It Yourself!
The Deus DAO hack had significant financial consequences, with users collectively losing around $6.5 million across Arbitrum, BSC, and Ethereum chains. Furthermore, the hack caused the DEI stablecoin to depeg by more than 80%, destabilizing its value and potentially shaking investor confidence.
Gul Hameed 
May 24, 2023 From an outsider’s perspective, returning millions of dollars worth of funds after successfully pulling off a complicated exploit is, at best, admirable, and at worst, foolish. What could be the motivation behind such a decision?
Abdul Sami J.
September 17, 2021 Beanstalk protocol got hacked for around $74M through exploiting the governance mechanism & stealing all the BEANS & Curve LP tokens stored in the Beanstalk protocol.
Abdul Sami J.
April 27, 2022 
