Long -term attack on HEX investor and distracted Morpho Labs leakage – Cybersecurity News

• The Hex19 investor lost more than $ 4.5 million after the hacking of the wallet that occurred due to the storage of the Sid Phrase in the cloud.
• The attacker tried to withdraw $ 2.6 million from the Morpho Blue app, But the well-known MEV operator C0FEEBABE.th was ahead of the hacker and intercepted the money.

The long -term HEX investor, known as Hex19, has lost more than $ 4.5 million as a result of hacking. Cointelegraph writes about it with reference to your own sources.

The attacker gradually withdrew the funds from the investor’s wallet, at which hex tokens were in stinging. Initially, the community decided that the owner was withdrawn. But then it became clear – the wallet was broken.

The hacker attack lasted for several years: the first leakage was recorded at the end of 2021, and the last-in March 2025. The funds were passed through phishing addresses related to the Konpyl online person.

The same attacker appeared in other schemes, including Rabby fake purse.

According to insider information, the wallets of the breakdown intersect with the addresses used in the Inferno Drainer schemes – a phishing attack service.

“Hex19 has become a victim because of the storage of the Sid-Phrase in the cloud,” said anonymous expert.

According to him, the attacker acted as a characteristic of Konpyl.

The first major transaction took place on November 21, 2021 – almost $ 4 million in Hex was sent from the Hex19 wallet. The money was distributed to several addresses. Some of the funds got into Tornado Cash, the other-on the exchange and in Defi protocols for laundering.

By 2024, hackers withdrew another $ 108,000.

HEX19 does not expect to return the money, but hopes that his experience will help others think twice before keeping his or her own phrases on the Internet.

Some of its funds are still stacked, but hackers can get them after unlocking.

On April 10, the Morpho Labs team updated the interface of the Morpho Blue application. A day, Hacker took advantage of the vulnerability associated with changes, and led from one of the addresses of $ 2.6 million. PECKSHIELD blockchain analytics confirmed the leakage.

#Peckshileslelet an Address Appears to have Suffired A $ 2.6M Exploit Due to A #morphoblue Frontend Vulneracy and Was Frontrun by c0ffebeBabe.th. The Funds Were Transferred To 0x1a5b… C742. pic.twitter.com/ye4csye20

– Peckshilendalert (@peckshshieldalert) April 11, 2025

However, a well-known MEV operator under the pseudonym C0FEEBEBABE.ETH Preventing the withdrawal of assets. He was ahead of the attacker by intercepting the funds and transferring them to another address.

After the incident, Morpho Labs canceled the interface update.

The Morpho Team Was Alerted to An Issue in Yesterday’s Morpho App Frontend Update.

We have reverber the Changes and Restored Normal Operation.

All Funds in the Morpho Protocol Are Safe And Unaffected.

The Morpho Team Will Provide A Detailed Update Later Today in this Thread.

– Morpho Labs 🦋 (@morpholabs) April 11, 2025

According to the company’s statement, the work of the protocol is restored and user funds are safe. The team also confirmed that the cause of the problem has been eliminated and the details of the investigation will be published later.

C0FEBEBEBE.TH is known for recovery after Defi. In 2023, he returned $ 5.4 million stolen from Curve Finance. In 2024, it was also prevented by the withdrawal from Blueberry.

We will remind, the total amount of losses from 265 cryptos for the entire 2024 and the first two months of 2025 exceeded $ 3.83 billion, Global Ledger experts reported.

Immunefi declared the worst quarter for the crypto industry

The gun