DeFi protocol Blueberry has suspended lending following a secret exploit

DeFi protocol Blueberry has suspended lending following a secret exploit



Decentralized finance (DeFi) protocol Blueberry on Friday suspended the protocol after a mad dash to limit the potential damage of an “ongoing exploit.”

In a February 23 post on X, the Blueberry Protocol Foundation reported that it was suffering from “continued exploitation” and advised users to withdraw their funds from Blueberry's lending markets as it works to “pause the protocol as soon as possible.”

Adding to the chaos, users have reported issues with logging, while Blueberry claims the front end is also down.

“The front end is also gone, so if you can contact contracts directly to get out, please do.”

The website and application went offline briefly with the following application error: “An exception occurred with the client.”

Binance

After 30 minutes Blueberry confirmed that it was able to stop the protocol, the website was back up and running.

“Funds that have been deposited cannot be used at this time and we will update when we have more information.”

Another update was later added by Blueberry stating that all the flushed funds were done in front of c0ffeebabe.eth and are now safe in Blueberry MultiSig.

“The team is in contact with security and will forward experts and try to contact the validator to return the remaining 91 ETH.”

A total of 457 Ether (ETH) was initially poured, but 366 ETH was saved by the so-called white hat and returned to the multi-signature wallet. The protocol team reiterated:

“Deposits are currently safe. Only three markets were affected and most of them have already been recovered. Total validator fee (loss) is 91 ETH. We are communicating and will fully pay users as intended. The protocol has stopped.”

Related: Ethical hacker raises $5.4M for Curve Finance amid exploit

Blueberry Protocol is a decentralized lending marketplace that enables lending and leverage up to 20x the collateral value.

According to Defillama, it had a total value locked (TVL) of $4.5 million and was a fork of the Compound DeFi protocol. After an exploit attempt, the TVL dropped to $3.15 million.

C0ffeebabe gained notoriety when she took 2,879 ETH, about $5.4 million, from an exploiter during her July 2023 hack and returned it to the Defi protocol Curve Finance.

Interestingly, on February 22nd, Blueberry announced that it will launch a “security overview” with development-first development and vulnerability management to prevent any internal threats from protocol activity.

It also claims to have been audited by Hacken and Sherlock and two independent security audits. However, a tweet promoting a “security review” disappeared from the Blueberry X feed.

Should crypto projects negotiate with hackers? in case

Leave a Reply

Pin It on Pinterest