DeFi yield farming project Yearn Finance has been hit by an exploit that has affected a DAI lending pool, according to its Twitter account.

The tweet, posted at around 5 PM Eastern US time, states: "We have noticed the v1 yDAI vault has suffered an exploit. The exploit has been mitigated. Full report to follow."

Yearn developer banteg, one of the administrators of the DeFi project's website, followed with a few more details: "Yearn DAI v1 vault got exploited, the attacker got away with $2.8m, the vault lost $11m. Deposits into strategies disabled for v1 DAI, TUSD, USDC, USDT vaults while we investigate."

The suspected exploit involved 160 "nested transactions," pointed out Aave founder and CEO Stani Kulechov.

The trading price for the YFI governance token fell sharply on the news, plummeting from $34,700 to $30,500 in minutes (though it's since rebounded slightly).

Yearn aggregates DeFi lending protocols such as Aave and Compound to make sure users get the best return on their loan.

Update: An earlier version of this story claimed that $14 million was taken from  yearn.finance. The actual number was closer to $11 million.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.