A white hat maximal extractable value (MEV) operator, known as c0ffeebabe.eth, has intervened in a DeFi exploit to save approximately $2.6 million stolen from the Morpho Labs’ Morpho Blue protocol. The operation occurred after Morpho Labs released a front-end update on April 10th that led to an attacker exploiting a vulnerability and stealing funds. Blockchain security firm PeckShield flagged the breach, confirming the amount siphoned, but before the attacker could fully capitalize, c0ffeebabe.eth deployed an MEV bot to secure the stolen assets. The rescued funds were moved to another wallet, though it’s unclear whether they have been returned to the user. Morpho Labs swiftly rolled back the update and reassured users on April 11th via X (formerly Twitter) that all funds in the protocol are safe and unaffected. They promised a detailed update later today. Further investigations confirmed the exploit stemmed from improper transaction formatting due to the front-end interface update, prompting Morpho Labs to apply a fix and clarify users don’t need to take extra precautions. c0ffeebabe.eth has a successful track record of neutralizing DeFi threats, previously recovering $5.4 million in Ether during the Curve Finance hack in July 2023 and intercepting funds stolen from the Blueberry protocol in 2024, returning all assets to their rightful owners. This latest intervention highlights the ongoing efforts to protect users from such attacks.