Blueberry, a decentralized finance (DeFi) protocol, has successfully halted its operations in response to an ongoing exploit, aiming to minimize potential damage. In a post on X on February 23, the Blueberry Protocol Foundation informed users about the exploit and advised them to withdraw their funds from Blueberry lending markets while the protocol was being paused. However, users encountered difficulties with the withdrawal process as the front end was also offline. The website and app briefly went offline, displaying an application error message. Approximately 30 minutes later, Blueberry confirmed that it had managed to pause the protocol, and the website was back up and running.
Blueberry later provided an update, disclosing that all the drained funds had been front-run by c0ffeebabe.eth and were now secure in the Blueberry multisig. Initially, a total of 457 Ether (ETH) was drained, but 366 ETH was recovered by a white hat and returned to the multisignature wallet. The protocol team emphasized this in their statement. Blueberry protocol, which allows lending and leveraged borrowing up to 20 times the collateral value, had a total value locked (TVL) of $4.5 million, according to DefiLlama. After the exploit attempt, the TVL dropped to $3.15 million. Blueberry is a fork of the Compound DeFi protocol.
C0ffeebabe gained recognition when she retrieved approximately 2,879 ETH, equivalent to around $5.4 million, from an exploiter and returned it to the DeFi protocol Curve Finance during its hack in July 2023. Interestingly, on February 22, Blueberry posted a “security overview” emphasizing its commitment to a security-first approach and risk mitigation. The protocol claimed to have undergone audits by Hacken and Sherlock, as well as two independent token security audits. However, the tweet promoting the security review has since disappeared from Blueberry’s X feed. The question arises as to whether crypto projects should negotiate with hackers, although the answer remains uncertain.