Markets
More
Beginner's Guide
Gate
BLOG
White Hacker Discovers a $1.3 Million De...

White Hacker Discovers a $1.3 Million DeFi Exploit

2024-03-06, 02:23

[TL; DR]

A white hat hacker recovered $1.3 million worth of stolen crypto assets from Blueberry Protocol.

The same white hat hacker, by the name @ coffeebabe_eth, recovered $5.4 million for Curve Finance in 2023.

White hat hacking enables DeFi protocols to identify vulnerabilities in their s

Keywords: DeFi protocols, ethical hacker, crypto exploit, DeFi exploit, crypto hackers, white hat hacker, crypto bots attack, crypto losses, crypto eco, crypto threat

Introduction

The greatest threat to cryptocurrencies as a form of digital money and store of value is hacking and other forms of cyber thefts like phishing. Since the early days of digital assets nefarious actors have been stealing crypto assets from investors and blockchain based firms operating in the cryptocurrency sector. Over the years such threats have affected the adoption rate of digital assets.

The best way to prevent thefts of digital assets is through high infrastructure security and auditing. Nonetheless, crypto projects can also make use of white hat hackers to test their security levels thereby reducing the possibility of Defi exploit. Today, we look at how white hat hackers prevented thefts of crypto assets in the past.
Read also: What is Sandwich Attack?

Blueberry Protocol under Threat: White Hat Hacker Neutralizes DeFi Exploit on February 23

The Blueberry Protocol, a decentralized platform enabling lending, was attacked on 23 February and was on the verge of incurring crypto losses of 457.6 Ethereum (ETH), worth about $1.3 million at that time, only to be rescued by a white hat hacker known only as “c0ffeebabe.eth.”

What led to c0ffeebabe.eth’s intervention was Blueberry Protocol Foundation’s quick response after noticing the DeFi exploit. They quickly notified its customers about the hacking using the X social media platform.

The team urged the users to withdraw their holdings as soon as they could. Sadly, within a short time the platform’s frontend was inaccessible. Nonetheless, the foundation managed to pause the protocol after about 30 minutes which prevented the malicious actor from further draining the cryptocurrencies.

Basically, the exploiters had managed to drain Bitcoin (BTC), USDC and Olympus from lending markets. At that time, all the crypto assets that were in the Blueberry Protocol were under threat. Apart from the team, other individuals and organizations helped to disseminate information about the existing crypto threat.

Source: x.com

As observed in the screenshot, the BlockSecTeam was one of the organization that helped to pass the information to other stakeholders.

Once the situation was under control and further crypto losses were averted the Blueberry Protocol Foundation assured its users that their holdings were safe. Posting on X the team said, “All drained funds were front run by @ coffeebabe_eth and are now safe in the Blueberry multisig, less the validator payment.”

As the team acknowledged, a white hat hacker (@ coffeebabe_eth) rescued the protocol from the impending crypto losses. The ethical hacker recovered 366 ETH out of a total of 457 Ether which the crypto hackers had drained from the protocol.

At that time, the team said that it was negotiating with the validators to return 91 ETH. It clarified: “Deposited funds are currently safe. Only three markets were affected and the large majority was already returned. Total validator payment (loss) is 91 ETH. We are getting in touch and aim for a full repayment to users as the goal.”

It is important to realize that at the time of the crypto exploit the Blueberry Protocol had a total value locked (TVL) of $4.5 million but it decreased to $3.15 million after the unsuccessful DeFi exploit.

Read also: What does TVL mean in DeFi?

Blueberry Protocol total value locked (TVL) - Defillama

As you note in the picture, soon after the foiled DeFi exploit the protocol’s total value locked (TVL) fell from $4.5 million to $3.15 million.

White Hat Hacker, c0ffeebabe.eth, also Rescued Curve Finance in 2023

The ethical hacker, c0ffeebabe.eth, also rescued Curve Finance in 2023 when he/she recovered cryptocurrencies worth $5.4 million which malicious hackers had stolen.

In fact, c0ffeebabe.eth used an Ethereum-arbitrage trading bot to outsmart the attackers and recover the stolen crypto assets. The ethical hacker returned the funds to the team.

DeFi Losses of 2023

The Blueberry hacking incident indicates how DeFi protocols are vulnerable to malicious crypto exploitation. For example, in 2023 alone DeFi incurred losses amounting to over $1 billion due to cyber-theft as the following graph indicates.

DeFi losses for 2023: x.com

As observed from the diagram, in 2023 DeFi incurred crypto losses amounting to about $1.02 billion. However, that signified a huge decrease from the losses the sector incurred in 2021 and 2022 when the DeFi losses were about $3.96 billion and $53 billion, respectively.

Why White Hat Hackers Vital to the Crypto Sector?

As we noted in the cases of Curve Finance and Blueberry Protocol white hat hackers play a big role in preventing and foiling malicious crypto exploits. They use many methods to assist crypto projects to prevent the attacks.

First, the aim of white hat hackers is to help the crypto eco to improve security s so as to prevent crypto exploits. In other words, they carry out white-hat hacking, also called ethical hacking or penetration testing.

In such cases, the owners of the digital projects authorize the white hat hackers to test their s and suggest ways to improve them. This is because crypto hackers capitalize on unidentified loopholes or vulnerabilities in the protocols. Primarily, penetration testing minimizes chances of failures and thefts.

Although the white hackers use similar tools and techniques as the black hats they have good intentions. For example, they use malicious software and DoS or DDoS attacks with the goal of identifying threats and protecting crypto assets. A white hat, for instance, can use a crypto bots attack. In all, he/she/they hack for the good of the DeFi projects and within the armpits of the law since they are threat-removal agents.

Conclusion

A popular white hat hacker @ coffeebabe_eth foiled a DeFi exploit on 25 February, averting a $1.3 million loss for Blueberry Protocol. The same ethical hacker also recovered over $5.4 million after some crypto hackers exploited Curve Finance in 2023. In general, penetration testing helps to identify loopholes in DeFi s which reduces the number of hacking incidents.


Author: Mashell C., Gate.io Researcher
*This article represents only the views of the researcher and does not constitute any investment suggestions.
*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all cases, legal action will be taken due to copyright infringement.
Share
Content
gate logo
Gate
Trade Now
Join Gate to Win Rewards
Related articles
XRP USD Price: Market Analysis and Future Outlook for 2025
Market News
XRP USD Price: Market Analysis and Future Outlook for 2025
In the short term, whether XRP can break through $4.50 in June depends on technical patterns and regulatory progress.
2025-05-16, 10:21
XRP Price Trend Analysis and Long-Term Outlook
Market News
XRP Price Trend Analysis and Long-Term Outlook
XRP is currently at a key juncture driven by both technical and fundamental factors.
2025-05-16, 10:01
BTC Price Trend Analysis: 2025 Market Dynamics and Future Outlook
Market News
BTC Price Trend Analysis: 2025 Market Dynamics and Future Outlook
Since the approval of the spot Bitcoin ETF in 2024, the market has seen a cumulative inflow of over 50 billion US dollars.
2025-05-16, 10:28