Blueberry Protocol narrowly avoids $1.3 million hack

The Blueberry defi leverage project had a bug in their lending contract, where improper decimal handling allowed for an exploit. An attacker tried to exploit the vulnerability, but was front-run by c0ffeebabe.eth, a well-known MEV bot operator and whitehat who has in the past been able to front-run other exploits and return the funds to the projects.

About 457.7 ETH ($1.35 million) was drained from the project, but 366.6 ETH ($1.08 million) of that was able to be returned. The remaining ~91 ETH (~$265,000) was lost to validator payments.

Blueberry paused their protocol as they investigated the hack, and stated that they "aim for a full repayment to users as the goal".