Decentralized finance (DeFi) platform YieldBlox suffered an exploit exceeding $10 million after its USTRY oracle was manipulated. This incident is quite another case where crypto hackers earned profits through price manipulations.
YieldBlox follows the MakinaFi protocol hack
Although the YieldBlox exploit is not an incident very similar to the MakinaFi hack, both cases share similar features. In the latest incident, an exploiter tricked Reflector, a price feed or oracle for YieldBlox, and the system interpreted the USTRY token price as almost 100x the real price.
USTRY is a stablecoin issued by the blockchain finance company Etherfuse. Oracle is an external system that reports the price of tokens to blockchain platforms. If Oracle inputs wrong data to blockchain platforms, the whole system can be easily tricked, and this is exactly what happened in the YieldBlox exploit.
After manipulating the price, the USTRY token surged to nearly $106.7 (100x). The attacker deposited the over-priced USTRY tokens as collateral into a YieldBlox lending pool on Blend v2.
Following this move, the person took big loans against the collateral. Consequently, this helped the person drain nearly 61 million XLM (Stellar Network) and 1 million USDC stablecoin, which are worth $10 million. To note, the Reflector oracle sources prices directly from the Stellar DEX to YieldBlox.
In simpler terms, as the YieldBlox thought the collateral was huge, it allowed the bad actor to borrow digital assets like USDC and XLM worth millions.
MakinFi exploit caused significant Ethereum loss
In mid-January 2026, hackers siphoned nearly $4 million in Ethereum from Makina Finance/MakinaFi through flash loans and oracle manipulation. The tracker drained funds from MakinaFi’s DUSD/USDC liquidity pool, but they could not pull out the whole $4 million as front-running bots on the platform seized a portion of the funds.
Oracle manipulation causes DeFi exploits
Typically, the reason for oracle manipulation cannot be attributed to the type of oracles being used. Oracles depend on market prices to fetch data to blockchain platforms. If the liquidity of a token is very low, it is easy for an attacker to buy a huge amount of tokens and artificially inflate the price to higher values. This would, in turn, make Oracle read wrong prices and exploit the lending systems.
DeFi security hasn’t improved: Industry expert
Benjamin Notini, Co-Founder of Xtrends, a token launchpad, said to AltCoin Desk that DeFi is not safer than it was two years ago. The core issue is that hackers and market manipulators have become more creative, using new methods of exploitation.
Defi is not necessarily more or less secure than just two years ago. However, hackers and market manipulators are consistently attempting new schemes.
Benjamin Notini, Co-Founder XTrends
The co-founder also opined that centrlaized nature of oracle systems can increase the risk of manipulation and hacks.
When an oracle system is centralized, this can leave it vulnerable to hacks and price manipulation. Exactly why many believe in decentralized systems that need verification from many different independent sources.
Benjamin Notini, Co-Founder XTrends
Taken together, YieldBlox and MakinaFi incidents signal a major drawback in oracle design and liquidity, affecting the DeFi system. As bad actors grow in number with more sophisticated ideas, protocols must focus on building stronger and decentralized price feeds. This could help reduce hacks or price manipulation across DeFi platforms.
