YieldBlox Hack

On February 21, 2026, YieldBlox, a DAO-managed lending protocol on Stellar, lost about $10.2 million through a price-manipulation attack. Per Halborn, the attacker manipulated price feeds to inflate collateral values and borrow against them, draining lending pools before the oracle corrected. In an outcome unusual for DeFi exploits, Stellar network validators were able to freeze roughly $7.2 million of the stolen funds, a recovery made possible by Stellar’s validator-level asset-freezing capability. The incident was one of the few oracle-manipulation cases in an early-2026 landscape dominated by infrastructure and social-engineering attacks, and it underscored both the enduring danger of manipulable price feeds in lending markets and the value of network-level controls that can claw back stolen assets, alongside time-weighted pricing and oracle-deviation guards.