A identified maximal extractable worth (MEV) white hat actor intercepted about $2.6 million in crypto property stolen from Morpho Labs’ decentralized finance (DeFi) protocol.
On April 10, Morpho Labs applied a front-end replace on its Morpho Blue utility. A day later, a hacker breached an deal with by means of a vulnerability brought on by the replace. Blockchain safety agency PeckShield reported that an deal with misplaced $2.6 million as a result of vulnerability.
Nonetheless, the safety agency famous that “c0ffeebabe.eth,” a identified white hat MEV operator, had front-run the transaction, successfully intercepting the stolen funds.
On the time of writing, the funds had been transferred to a unique pockets deal with. It’s unclear whether or not the funds have but been returned to their authentic proprietor.
Morpho Labs reverts front-end replace
Responding to the incident, Morpho Labs reversed its front-end replace. In a put up on X on April 11, the group confirmed it had been alerted to the difficulty and rolled again the modifications. The group additionally stated that standard operations had resumed:
“All funds within the Morpho Protocol are protected and unaffected. The Morpho group will present an in depth replace later as we speak on this thread.”
After additional investigation, the group confirmed that its front-end was protected and that customers don’t must carry out further actions to safe their property.
The group stated the replace was pushed to boost the transaction circulate. Nonetheless, particular transactions on the front-end have been incorrectly crafted. The Morpho Labs group stated they’ve recognized the difficulty and utilized a repair. They added that they’d publish a extra detailed clarification of the incident subsequent week.
Cointelegraph reached out to the Morpho Labs group on X however didn’t obtain a response by publication.
Associated: MEV bot loses $180K in ETH from access control exploit
White hat MEV operator c0ffeebabe.eth
C0ffeebabe.eth is understood to have contributed to the restoration of funds throughout DeFi hacks. In 2023, the white hat MEV operator retrieved around $5.4 million in Ether (ETH) from the Curve Finance exploit in July 2023.
In the course of the incident, c0ffeebabe.eth used a bot to front-run a malicious hacker to safe 3,000 ETH. The funds have been then returned to the Curve deployer deal with.
In 2024, the mysterious white hat actor additionally recovered funds stolen throughout the Blueberry exploit. In an replace, the DeFi protocol stated all drained funds had been front-run by c0ffeebabe.eth and returned.
Journal: Illegal arcade disguised as … a fake Bitcoin mine? Soldier scams in China: Asia Express
