Cointegrity

Yield Farming Exploits

Yield farming exploits target DeFi protocols offering high reward incentives by manipulating reward distribution mechanisms, draining liquidity pools, or executing flash loan attacks against poorly designed governance or collateral systems. Attackers identify protocols with unbalanced incentive structures or insufficient security audits, then use various techniques including flash loans to artificially increase their share of rewards, perform governance attacks, or trigger unintended contract behavior. Some exploits involve creating fake liquidity pairs to farm rewards with minimal capital, while others manipulate oracle prices to trigger liquidations in connected lending protocols. These attacks have resulted in hundreds of millions of dollars in losses across multiple DeFi platforms.

Example: The 2020 bZx flash loan attacks exploited yield farming and lending protocols by borrowing massive amounts through flash loans to manipulate token prices and oracle feeds, then using these manipulated prices to drain yield farming rewards and trigger cascading liquidations.

Why it matters for DeFi: Yield farming exploits highlight the risks of complex composability and insufficient security practices in DeFi. Protocols must implement robust oracle designs, circuit breakers, and comprehensive audits, while users should research protocol mechanisms and governance structures before committing capital.
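An added example (not from this glossary or from any protocol's code): a Python model of the oracle circuit breaker recommended above, in which liquidations are priced from a time-weighted average and halt when the spot price deviates from it. The names OracleGuard and is_liquidatable, the 30-minute window, the 10% threshold and the 1.5 collateral ratio are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class OracleGuard:
    """TWAP oracle with a deviation circuit breaker (illustrative model)."""
    window: int = 1800            # seconds of history in the TWAP (assumed)
    max_deviation: float = 0.10   # trip if spot is >10% from TWAP (assumed)
    obs: list = field(default_factory=list)   # (timestamp, price), ascending
    paused: bool = False

    def record(self, ts: int, price: float) -> None:
        self.obs.append((ts, price))
        cutoff = ts - self.window  # keep one point at/before the window start
        while len(self.obs) > 1 and self.obs[1][0] <= cutoff:
            self.obs.pop(0)

    def twap(self, now: int) -> float:
        if not self.obs:
            raise ValueError("no observations recorded")
        start = now - self.window
        total = weighted = 0.0
        for (ts, price), (nxt, _) in zip(self.obs, self.obs[1:] + [(now, 0.0)]):
            lo, hi = max(ts, start), min(nxt, now)   # clip interval to window
            if hi > lo:
                weighted += price * (hi - lo)
                total += hi - lo
        return weighted / total if total else self.obs[-1][1]

    def price_for_liquidation(self, spot: float, now: int):
        """Return the TWAP, or None if the breaker is (or becomes) tripped."""
        ref = self.twap(now)
        if abs(spot - ref) / ref > self.max_deviation:
            self.paused = True    # stays tripped until an operator resets it
        return None if self.paused else ref

def is_liquidatable(guard, collateral, debt, spot, now, min_ratio=1.5):
    price = guard.price_for_liquidation(spot, now)
    if price is None:
        return False              # breaker open: no liquidations on suspect prices
    return collateral * price / debt < min_ratio

# Constructed sample: stable price of 100, then a one-block spot print of 40.
def demo():
    g = OracleGuard()
    for ts in (0, 600, 1200, 1800):
        g.record(ts, 100.0)
    naive = 2 * 40.0 / 100 < 1.5  # a spot-only oracle would liquidate here
    guarded = is_liquidatable(g, 2, 100, 40.0, 1800)
    return naive, guarded, g.paused
```

A gradual, genuine price decline stays within the deviation band, so under-collateralized positions are still liquidated at the averaged price; only an abrupt divergence between spot and TWAP trips the breaker.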

Category: defi, crypto economics
