More than $7M in different crypto assets have been drained from DeltaPrime wallets due to an apparent security breach that affected the Arbitrum version of the DeFi platform.
The exploiter reportedly gained control over an admin proxy and redirected the proxy to a malicious contract, which led to the significant loss of tokens.
DeltaPrime Suffers Over $7M Hack
According to a September 16 X post by Meir Dolev, the CTO of Cyvers, a famous security firm, the decentralized finance (DeFi) borrowing protocol DeltaPrime lost millions of dollars in an exploit.
In the post, Cyvers revealed that the hacker had transferred about $4.5M worth of USDC from DeltaPrime wallets to a suspicious address.
The hacker later swapped the stolen USDC to ETH. Cyvers added that the hacker is still transferring tokens into the suspicious address, which means that “the total loss might increase.”
Another blockchain security researcher, Chaofan Shou, co-founder of fuzzland, also announced the DeltaPrime hack in an X post. According to Chaofan, DeltaPrime lost over $7M worth of crypto assets in an apparent hack, which stemmed from an admin private key leak.
Admin Private Key Loss Led To The Theft
The two X posts revealed that the likely cause of the DeltaPrime hack is an admin private key breach on the Arbitrum version of the protocol.
The exploiter reportedly gained control of the admin key 0x40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb and then used it to redirect the proxy to the malicious contract 0xD4CA224a176A59ed1a346FA86C3e921e01659E73.
The hack affected the DPBTCb, DPARB, and DPUSDC pools, which are the on-chain lockers holding BTC, ARB, and USDC.
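An upgrade made with a stolen admin key still leaves an on-chain event that can be monitored. The sketch below is an added example, not DeltaPrime's or Cyvers' code: it assumes the pools are EIP-1967 proxies that emit the standard Upgraded(address) event (the article does not confirm the proxy type) and flags any upgrade to an implementation outside a reviewed allowlist. The pool proxy addresses, the approved implementation and the transaction hashes are constructed placeholders.

```python
# keccak256("Upgraded(address)"): topic0 of the EIP-1967 proxy upgrade event.
UPGRADED_TOPIC = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"

def topic_to_address(topic):
    """Indexed addresses are left-padded to 32 bytes; return the low 20 bytes."""
    raw = topic.lower()
    raw = raw[2:] if raw.startswith("0x") else raw
    if len(raw) != 64 or raw[:24] != "0" * 24:
        raise ValueError("not a padded address topic: " + topic)
    return "0x" + raw[24:]

def find_unapproved_upgrades(logs, approved):
    """logs: eth_getLogs-shaped dicts; approved: {proxy: set of reviewed implementations}."""
    # Normalise case so EIP-55 checksummed and lowercase addresses compare equal.
    allow = {p.lower(): {i.lower() for i in impls} for p, impls in approved.items()}
    alerts = []
    for log in logs:
        proxy = log["address"].lower()
        topics = log.get("topics", [])
        if proxy not in allow or not topics or topics[0].lower() != UPGRADED_TOPIC:
            continue
        try:
            impl = topic_to_address(topics[1])
        except (IndexError, ValueError):
            impl = None  # malformed upgrade event on a watched proxy: alert anyway
        if impl not in allow[proxy]:
            alerts.append({"proxy": proxy, "implementation": impl,
                           "tx": log.get("transactionHash")})
    return alerts

# Constructed sample data: proxy addresses and transaction hashes are placeholders.
POOL_A = "0x" + "a1" * 20     # stands in for one pool proxy
POOL_B = "0x" + "b2" * 20     # stands in for a second pool proxy
GOOD_IMPL = "0x" + "11" * 20  # hypothetical implementation that passed review
BAD_IMPL = "0xD4CA224a176A59ed1a346FA86C3e921e01659E73"  # contract named in the article

def pad(addr):
    return "0x" + "0" * 24 + addr[2:]

SAMPLE_LOGS = [
    {"address": POOL_A, "topics": [UPGRADED_TOPIC, pad(GOOD_IMPL)], "transactionHash": "0x01"},
    {"address": POOL_B, "topics": [UPGRADED_TOPIC, pad(BAD_IMPL)], "transactionHash": "0x02"},
    {"address": POOL_B, "topics": ["0x" + "00" * 32], "transactionHash": "0x03"},
]
APPROVED = {POOL_A: {GOOD_IMPL}, POOL_B: {GOOD_IMPL}}

if __name__ == "__main__":
    for alert in find_unapproved_upgrades(SAMPLE_LOGS, APPROVED):
        print("ALERT unapproved proxy upgrade:", alert)
```

Such an alert is only useful if it is wired to a response that does not depend on the same admin key, such as a separately held pause role.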
Aside from Arbitrum, DeltaPrime also has a version of its protocol on the Avalanche network. At the time of writing, there was no report that the Avalanche version of the protocol is vulnerable to cyberattacks.
Currently, borrowing and lending have been halted on the platform, but the DeltaPrime team has announced on their Discord channel that they are investigating the issue.
Also, the protocol’s native token, PRIME, plunged by about 6.6% following the incident.
North Korean Hackers Likely Involved In The Hack
ZachXBT, a notable blockchain investigator and analyst, revealed that North Korean hackers may be involved in the recent DeltaPrime hack.
ZachXBT mentioned that the DeFi platform had previously hired IT workers from North Korea. Although the IT workers have been removed for a long time, there may be a connection between them and the recent hack.
The DeltaPrime hack comes barely two months after an Indian exchange giant, WazirX, suffered a $235M hack in the second-largest crypto exchange exploit of 2024 so far.
Last week, Indodax, a popular Indonesian crypto platform, was hacked, losing about $22M in crypto assets across multiple networks.