Ethical hacker intercepts $2.6M in Morpho Labs exploit
A known maximal extractable value (MEV) white hat actor intercepted about $2.6 million in crypto assets stolen from Morpho Labs’ decentralized finance (DeFi) protocol. On April 10, Morpho Labs implemented a front-end upd...
Archive context
Older archive item. Useful for background and entity history, but not a fresh market-moving signal.
A known maximal extractable value (MEV) white hat actor intercepted about $2.6 million in crypto assets stolen from Morpho Labs’ decentralized finance (DeFi) protocol.
On April 10, Morpho Labs implemented a front-end update on its Morpho Blue application. A day later, a hacker breached an address through a vulnerability caused by the update. Blockchain security firm PeckShield reported that an address lost $2.6 million due to the vulnerability.
However, the security firm noted that “c0ffeebabe.eth,” a known white hat MEV operator, had front-run the transaction, effectively intercepting the stolen funds.
At the time of writing, the funds had been transferred to a different wallet address. It’s unclear whether the funds have yet been returned to their original owner.
Morpho Labs reverts front-end updateResponding to the incident, Morpho Labs reversed its front-end update. In a post on X on April 11, the team confirmed it had been alerted to the issue and rolled back the changes. The team also said that normal operations had resumed:
“All funds in the Morpho Protocol are safe and unaffected. The Morpho team will provide a detailed update later today in this thread.”After further investigation, the team confirmed that its front-end was safe and that users don’t need to perform additional actions to secure their assets.
The team said the update was pushed to enhance the transaction flow. However, specific transactions on the front-end were incorrectly crafted. The Morpho Labs team said they’ve identified the issue and applied a fix. They added that they would publish a more detailed explanation of the incident next week.
Cointelegraph reached out to the Morpho Labs team on X but did not receive a response by publication.
Related: MEV bot loses $180K in ETH from access control exploit
White hat MEV operator c0ffeebabe.ethC0ffeebabe.eth is known to have contributed to the recovery of funds during DeFi hacks. In 2023, the white hat MEV operator retrieved around $5.4 million in Ether (ETH) from the Curve Finance exploit in July 2023.
During the incident, c0ffeebabe.eth used a bot to front-run a malicious hacker to secure 3,000 ETH. The funds were then returned to the Curve deployer address.
In 2024, the mysterious white hat actor also recovered funds stolen during the Blueberry exploit. In an update, the DeFi protocol said all drained funds had been front-run by c0ffeebabe.eth and returned.
Magazine: Illegal arcade disguised as … a fake Bitcoin mine? Soldier scams in China: Asia Express
Why this matters
This security story adds another data point to the current market tape and is useful when read alongside nearby source coverage.
Original source
Read on CointelegraphRelated market context
Trusted Volumes Hacker Returns 1,122 ETH, Keeps $2M Bounty
A hacker tied to the Trusted Volumes exploit has returned 1,122 ETH to the protocol, closing part of a security incident that bega...
Polygon Labs Nears Coinme Integration to Accelerate Blockchain Payments Strategy
Key Takeaways: Polygon is closing its Coinme deal and moving away from blockchain payment solutions. As part of the company’s prof...
Kraken Borrow Update Turns Idle Collateral Into A More Flexible Trading Tool
Kraken is updating its borrow product in a way that speaks directly to one of the central questions for active crypto traders: wha...
SEC Crypto Framework Could Finally Put DeFi Safe Harbors On The Table
The SEC’s proposed Regulation Crypto framework is moving into focus because it touches one of the hardest questions in digital-ass...
CFTC investigates White House teleprompter operator for allegedly profiting from Kalshi trades on Trump speeches
The investigation highlights the need for robust regulatory frameworks to address insider trading risks in emerging prediction mar...
Grayscale updates Solana staking ETF to pay quarterly cash rewards to shareholders
Grayscale updates its Solana staking ETF to pay quarterly cash distributions, cutting fees sharply and mirroring its Ethereum stak...