DeFi protocol Morpho Labs has confirmed its frontend is secure after reverting a faulty update that had led to a $2.6 million exploit, which was intercepted by white hat MEV operator c0ffeebabe.eth. The exploit took place after a frontend update on Morpho Labs’ DeFi app Morpho Blue on April 10. The update was designed to improve transaction flow within the app. On April 11, blockchain security firm PeckShield reported that a vulnerability in the update allowed a hacker to exploit an address associated with the protocol, which could have resulted in a loss of $2.6 million. #PeckShieldAlert An address appears to have suffered a $2.6M exploit due to a #MorphoBlue frontend vulnerability and was frontrun by c0ffeebabe.eth. The funds were transferred to 0x1A5B…C742. pic.twitter.com/ye4cSyEe20 — PeckShieldAlert (@PeckShieldAlert) April 11, 2025 However, the malicious transaction was front-run by c0ffeebabe.eth , a mysterious white hat MEV bot operator with a track record of using Maximal Extractable Value bots for ethical purposes, effectively preventing the hacker from executing the theft. According to PeckShield, the stolen funds were transferred to a safe address, 0x1A5B…C742, where they were secured. You might also like: Wayfinder’s PROMPT tanks 68% amid MEV exploit targeting Kaito airdrop After the incident, the Morpho Labs team announced in a post on X that the frontend update, which had caused the vulnerability, was reverted and normal operations were restored. The protocol also confirmed that all funds in the Morpho protocol were safe and unaffected by the exploit. In a follow-up post , the protocol reiterated that “Morpho Frontend is safe,” reassuring users that no additional actions were required on their part to secure their assets. They added that a more detailed post will be released next week. After continued investigation, we confirm the Morpho Frontend is safe. No additional actions required by users. To recap: – Yesterday, a frontend update was pushed to enhance the transaction flow. – At 3:54 AM CET today, we received a report that specific transactions on the… https://t.co/JIE8IGD9ts — Morpho Labs 🦋 (@MorphoLabs) April 11, 2025 MEV attacks remain a persistent threat in crypto. In another incident currently making headlines , a hacker front-ran the Wayfinder (PROMPT) token airdrop intended for Kaito ( KAITO ) users, snatching the tokens before legitimate owners could claim them. You might also like: A Deep Dive Into the Maximal Extractable Value (MEV) Problem on Blockchains
https://www.digistore24.com/redir/325658/ceobig/
