登入
註冊
掃描 QR Code 下載 APP
更多下載方式
平台通知
交易行情
沒有新通知
更多
選擇語言及地區
简体中文
English
Tiếng Việt
繁體中文
Español
Русский
Français (Afrique)
Português (Portugal)
ไทย
Indonesia
日本語
بالعربية
Українська
Português (Brasil)
漲跌顏色
紅漲綠跌
綠漲紅跌
漲跌幅起始時間
24小時制
UTC 00:00
UTC+8 00:00
Gate.io
BLOG
White Hacker Discovers a $1.3 Million De...
White Hacker Discovers a $1.3 Million DeFi Exploit
2024-03-06, 02:23
[//]:content-type-MARKDOWN-DONOT-DELETE ![](https://gimg2.gateimg.com/image/article/1709691770sdfx.jpeg) ## [TL; DR] A white hat hacker recovered $1.3 million worth of stolen crypto assets from Blueberry Protocol. The same white hat hacker, by the name @ coffeebabe_eth, recovered $5.4 million for Curve Finance in 2023. White hat hacking enables DeFi protocols to identify vulnerabilities in their systems **Keywords**: DeFi protocols, ethical hacker, crypto exploit, DeFi exploit, crypto hackers, white hat hacker, crypto bots attack, crypto losses, crypto ecosystem, crypto threat ## Introduction The greatest threat to cryptocurrencies as a form of digital money and store of value is hacking and other forms of cyber thefts like [phishing](https://www.gate.io/blog_detail/1425/what-is-phishing-and-how-to-protect-ourselves-from-phishing-attacks "phishing"). Since the early days of digital assets nefarious actors have been stealing crypto assets from investors and blockchain based firms operating in the cryptocurrency sector. Over the years such threats have affected the adoption rate of digital assets. The best way to prevent thefts of digital assets is through high infrastructure security and auditing. Nonetheless, crypto projects can also make use of white hat hackers to test their security levels thereby reducing the possibility of Defi exploit. Today, we look at how white hat hackers prevented thefts of crypto assets in the past. Read also: [What is Sandwich Attack?](https://www.gate.io/learn/articles/what-is-a-sandwich-attack/936 "What is Sandwich Attack?") ## Blueberry Protocol under Threat: White Hat Hacker Neutralizes DeFi Exploit on February 23 The Blueberry Protocol, a decentralized platform enabling lending, was attacked on 23 February and was on the verge of incurring crypto losses of 457.6 <a href="/zh-tw/price/ethereum-eth" target="_blank" class="blog_inner_link">Ethereum</a> (ETH), worth about $1.3 million at that time, only to be rescued by a white hat hacker known only as “c0ffeebabe.eth.” What led to c0ffeebabe.eth’s intervention was Blueberry Protocol Foundation’s quick response after noticing the DeFi exploit. They quickly notified its customers about the hacking using the X social media platform. The team urged the users to withdraw their holdings as soon as they could. Sadly, within a short time the platform’s frontend was inaccessible. Nonetheless, the foundation managed to pause the protocol after about 30 minutes which prevented the malicious actor from further draining the cryptocurrencies. Basically, the exploiters had managed to drain <a href="/zh-tw/price/bitcoin-btc" target="_blank" class="blog_inner_link">Bitcoin</a> (BTC), USDC and <a href="/zh-tw/price/olympus-ohm" target="_blank" class="blog_inner_link">Olympus</a> from lending markets. At that time, all the crypto assets that were in the Blueberry Protocol were under threat. Apart from the team, other alert individuals and organizations helped to disseminate information about the existing crypto threat. ![](https://gimg2.gateimg.com/image/article/17096913441.jpeg) Source: [x.com](https://twitter.com/BlockSecTeam/status/1760876339903558114 "x.com") As observed in the screenshot, the BlockSecTeam was one of the organization that helped to pass the information to other stakeholders. Once the situation was under control and further crypto losses were averted the Blueberry Protocol Foundation assured its users that their holdings were safe. Posting [on X the team said](https://twitter.com/blueberryFDN/status/1760872935982879030 "on X the team said"), “All drained funds were front run by @ coffeebabe_eth and are now safe in the Blueberry multisig, less the validator payment.” As the team acknowledged, a white hat hacker (@ coffeebabe_eth) rescued the protocol from the impending crypto losses. The ethical hacker recovered 366 ETH out of a total of 457 Ether which the crypto hackers had drained from the protocol. At that time, the team said that it was negotiating with the validators to return 91 ETH. It [clarified](https://twitter.com/blueberryFDN/status/1760876257078899016 "clarified"): “Deposited funds are currently safe. Only three markets were affected and the large majority was already returned. Total validator payment (loss) is 91 ETH. We are getting in touch and aim for a full repayment to users as the goal.” It is important to realize that at the time of the crypto exploit the Blueberry Protocol [had a total value locked (TVL)](https://www.gate.io/de/blog_detail/1471/the-total-value-locked-tvl-of-the-defi-protocols-exceeds-70-billion "had a total value locked (TVL)") of $4.5 million but it decreased to $3.15 million after the unsuccessful DeFi exploit. Read also: [What does TVL mean in DeFi?](https://www.gate.io/learn/articles/what-does-tvl-mean-in-defi/217 "What does TVL mean in DeFi?") ![](https://gimg2.gateimg.com/image/article/17096914992.jpeg) Blueberry Protocol total value locked (TVL) - [Defillama](https://defillama.com/protocol/blueberry-lend "Defillama") As you note in the picture, soon after the foiled DeFi exploit the protocol’s total value locked (TVL) fell from $4.5 million to $3.15 million. ## White Hat Hacker, c0ffeebabe.eth, also Rescued Curve Finance in 2023 The ethical hacker, c0ffeebabe.eth, also [rescued Curve Finance in 2023](https://www.gate.io/blog_detail/3081/curve-founder-168m-stash-faces-stress "rescued Curve Finance in 2023") when he/she recovered cryptocurrencies worth $5.4 million which malicious hackers had stolen. In fact, c0ffeebabe.eth used an Ethereum-arbitrage trading bot to outsmart the attackers and recover the stolen crypto assets. The ethical hacker returned the funds to the team. ## DeFi Losses of 2023 The Blueberry hacking incident indicates how DeFi protocols are vulnerable to malicious crypto exploitation. For example, in 2023 alone DeFi incurred losses amounting to over $1 billion due to cyber-theft as the following graph indicates. ![](https://gimg2.gateimg.com/image/article/17096915623.jpeg) DeFi losses for 2023:[ x.com](https://twitter.com/intotheblock/status/1736054070492696827/photo/1 " x.com") As observed from the diagram, in 2023 DeFi incurred crypto losses amounting to about $1.02 billion. However, that signified a huge decrease from the losses the sector incurred in 2021 and 2022 when the DeFi losses were about $3.96 billion and $53 billion, respectively. ## Why White Hat Hackers Vital to the Crypto Sector? As we noted in the cases of Curve Finance and Blueberry Protocol white hat hackers play a big role in preventing and foiling malicious crypto exploits. They use many methods to assist crypto projects to prevent the attacks. First, the aim of white hat hackers is to help the crypto ecosystem to improve security systems so as to prevent crypto exploits. In other words, they carry out white-hat hacking, also called ethical hacking or penetration testing. In such cases, the owners of the digital projects authorize the white hat hackers to test their systems and suggest ways to improve them. This is because crypto hackers capitalize on unidentified loopholes or vulnerabilities in the protocols. Primarily, penetration testing minimizes chances of system failures and thefts. Although the white hackers use similar tools and techniques as the black hats they have good intentions. For example, they use malicious software and DoS or [DDoS attacks ](https://www.gate.io/bitwiki/detail/152/distributed-denial-of-service-attack--ddos-attack "DDoS attacks ")with the goal of identifying threats [and protecting crypto assets](https://www.gate.io/blog_detail/2460/security-measures-at-gateio-protecting-your-digital-assets-in-the-crypto-landscape "and protecting crypto assets"). A white hat, for instance, can use a crypto bots attack. In all, he/she/they hack for the good of the DeFi projects and within the armpits of the law since they are threat-removal agents. ## Conclusion A popular white hat hacker @ coffeebabe_eth foiled a DeFi exploit on 25 February, averting a $1.3 million loss for Blueberry Protocol. The same ethical hacker also recovered over $5.4 million after some crypto hackers exploited Curve Finance in 2023. In general, penetration testing helps to identify loopholes in DeFi systems which reduces the number of hacking incidents. <div class="blog-details-info"> <div>Author:** Mashell C.**, Gate.io Researcher <div class="info-tips">\*This article represents only the views of the researcher and does not constitute any investment suggestions. <div>\*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all cases, legal action will be taken due to copyright infringement. </div>
分享一下
目錄
[TL_ DR]
Introduction
Blueberry Protocol under Threat: White Hat Hacker Neutralizes DeFi Exploit on February 23
White Hat Hacker, c0ffeebabe.eth, also Rescued Curve Finance in 2023
DeFi Losses of 2023
Why White Hat Hackers Vital to the Crypto Sector?
Conclusion
荣誉积分榜
完成动态任务,升级荣誉等级
马上参与
相關文章
行情資訊
科普:从比特币到以太坊-为什么说以太坊是区块链2.0
2021-06-20, 09:30
行情資訊
史上最大空投可能来临:MetaMask即将推出Token
2022-03-18, 04:53
行情資訊
流动性挖矿科普:流动性有多重要?从做市商谈起
2021-07-19, 07:36