🔥 BitDegree partnered with Ogvio - a free international money transfer service! Sign up now & grab Rewards! 🎁
Crypto News Exploits
$2.6M Vulnerability Flagged by White Hat in Morpho App Update

$2.6M Vulnerability Flagged by White Hat in Morpho App Update

Aaron S. Editor-In-Chief
Written by Aaron S.,
Editor-In-Chief

✓ Fact Checked

Last Updated: June 25, 2025

✓ Fact Checked

Key Takeaways

  • White hat hacker c0ffeebabe.eth secured $2.6M in crypto after discovering a vulnerability in the Morpho App;
  • The vulnerability was caused by an update to the app's front-end on April 10;
  • Morpho Labs rolled back the change, fixed the issue, and confirmed user funds are safe.

Stop overpaying - start transferring money with Ogvio. Sign up, invite friends & grab Rewards now! 🎁

$2.6M Vulnerability Flagged by White Hat in Morpho App Update

A white hat hacker stepped in to protect $2.6 million in crypto after a front-end vulnerability was discovered in the Morpho App, a decentralized lending platform developed by Morpho Labs.

The issue surfaced after Morpho Labs launched a front-end update to the app on April 10.

A known ethical maximal extractable value (MEV) actor, known as c0ffeebabe.eth, identified the flaw introduced by the update and accessed the affected funds.

How Does Cryptocurrency Work? (Explained with Animation)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

How Does Cryptocurrency Work? (Explained with Animation)

How Does Cryptocurrency Work? (Explained with Animation) How Does Cryptocurrency Work? (Explained with Animation)

After the incident, Morpho Labs rolled back the update. In an April 11 post on X, the team confirmed it had been informed about the issue and took steps to fix it. They said all user funds within the main Morpho Protocol were safe and unaffected.

The update that caused the issue was meant to improve how transactions are handled. However, the change ended up generating some transactions incorrectly, which opened the door for the vulnerability. Morpho Labs said that it has found the problem and fixed it.

A report shared by PeckShield initially stated that $2.6 million had been “stolen” and claimed that c0ffeebabe.eth had front-run a malicious transaction - essentially intercepting the funds before they reached an attacker.

However, Morpho Labs later clarified that no malicious transaction was involved. The white hat discovered the flaw, used it to safeguard the assets, and later returned the full amount, acting within the bounds of Morpho’s bug bounty process.

Meanwhile, cybersecurity firm Kaspersky recently reported that hackers are distributing fake Microsoft Office add-ins on SourceForge. What did they do? Read the full story.

Aaron S. Editor-In-Chief
Aaron S. Editor-In-Chief
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.
See Our Experts
Loading...

The Most Liked Crypto News Findings

Looking for more latest crypto news on related topic? We have gathered similar news articles for you to spare your time. Take a look!

Anthropic Study: AI Can Autonomously Hack Smart Contracts

Exploits

Anthropic Study: AI Can Autonomously Hack Smart Contracts

Lazarus Group Strikes Again: $1.4 Billion Crypto Heist Exposed by AhnLab

Exploits

Lazarus Group Strikes Again: $1.4 Billion Crypto Heist Exposed by AhnLab

Balancer Introduces $8 Million Payout Plan After $116 Million Hack Fallout

Exploits

Balancer Introduces $8 Million Payout Plan After $116 Million Hack Fallout

Latest Crypto News & Videos

Washington Shuts Down Coinme, Orders $8 Million Crypto Refund to Customers

Regulation

Washington Shuts Down Coinme, Orders $8 Million Crypto Refund to Customers

Citadel’s SEC Plea to Regulate DeFi Stocks Triggers Industry Backlash

Regulation

Citadel’s SEC Plea to Regulate DeFi Stocks Triggers Industry Backlash

Ethereum’s Fusaka Upgrade Speeds Up Network, Cuts Costs

Blockchain

Ethereum’s Fusaka Upgrade Speeds Up Network, Cuts Costs

How to Transfer Money Without Fees? [Animated Tips 2025] How to Transfer Money Without Fees? [Animated Tips 2025]
VIDEO

How to Transfer Money Without Fees? [Animated Tips 2025]

Remittance Explained: Will This Newcomer Change the Game? (ANIMATED) Remittance Explained: Will This Newcomer Change the Game? (ANIMATED)
VIDEO

Remittance Explained: Will This Newcomer Change the Game? (ANIMATED)

Toobit Tutorial For Beginners (FULL Animated 2025 Guide) Toobit Tutorial For Beginners (FULL Animated 2025 Guide)
VIDEO

Toobit Tutorial For Beginners (FULL Animated 2025 Guide)

Trending Crypto News

The tech that powers most of crypto

The tech that powers most of crypto

Ogvio Introduces Global Money Transfers With Instant Delivery and No Hidden Fees

Ogvio Introduces Global Money Transfers With Instant Delivery and No H...

Are seed phrases a thing of the past?

Are seed phrases a thing of the past?

Meta Recruits Apple’s Alan Dye to Lead New Reality Labs Design Studio

Meta Recruits Apple’s Alan Dye to Lead New Reality Labs Design Studio

Ledger Square
binance
×
Verified

ZERO FEES

For Ogvio Money Transfers
Rating
5.0
Get deal
×
BitDegree.org

BitDegree.org

Fact-checking Standards

To ensure the highest level of accuracy & most up-to-date information, BitDegree.org is regularly audited & fact-checked by following strict editorial guidelines & review methodology.
Carefully selected industry experts contribute their real-life experience & expertise to BitDegree's content. Our extensive Web3 Expert Network is compiled of professionals from leading companies, research organizations and academia.

All the content on BitDegree.org meets these criteria:

  • Only authoritative sources like academic associations or journals are used for research references while creating the content.
  • The real context behind every covered topic must always be revealed to the reader.
  • If there's a disagreement of interest behind a referenced study, the reader must always be informed.
Feel free to contact us if you believe that content is outdated, incomplete, or questionable.
×
Subscribe

Subscribe

On Youtube

Understand crypto with ease

New explainer videos every week!