DeltaPrime DeFi protocol breached in $5.9 million attack

DeltaPrime's wallets have been compromised, leading to a loss of over $5.9 million. A hacker exploited the Arbitrum part of the protocol.

Sep 16, 2024 - 13:39

DeltaPrime’s wallets have been compromised, leading to a loss of over $5.9 million. A hacker exploited the Arbitrum part of the protocol, hijacking an admin proxy and rerouting it to a malicious contract.

A hacker seizes control of DeltaPrime’s wallets

During European morning hours, Cyvers Alerts, a blockchain security platform, first raised alarms about the attack on DeltaPrime. The platform reported a hacker had taken over an admin wallet and was still draining multiple funds. At that time, about $4.5 million had already been lost and exchanged for $ETH.

In another post, Cyvers Alerts confirmed that over $5.93 million had been stolen, claiming the hacker seized control of the private key for the address 0x40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb before upgrading the proxy.

According to Chaofan Shan, the founder of Fuzzland, the hacker redirected funds from the admin proxy to a malicious contract identified as 0xD4CA224a176A59ed1a346FA86C3e921e01659E73. 

Shan stated that the malicious contract might “inflate” the hacker’s deposited sums in all pools, estimating a loss of $6 million for DeltaPrime.
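The attack described above hinges on a proxy being pointed at a new implementation by whoever holds the admin key, so one defensive control is to alert on any upgrade to an implementation that was never reviewed. The following is an added example, not code from the article, Cyvers, Fuzzland or DeltaPrime; it assumes ERC-1967-style proxies that emit `Upgraded(address indexed implementation)` (the article does not say which proxy pattern DeltaPrime uses), and all addresses and log entries in it are constructed.

```python
# Added example: flag proxy upgrades to implementations that were never approved.
# Assumes ERC-1967-style Upgraded events; all addresses, hashes and logs are constructed.
# keccak256("Upgraded(address)"), the ERC-1967 upgrade event signature
UPGRADED_TOPIC = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"

def topic_to_address(topic):
    """Indexed addresses are left-padded to 32 bytes; return the low 20 bytes."""
    raw = topic.lower()
    raw = raw[2:] if raw.startswith("0x") else raw
    if len(raw) != 64 or raw[:24] != "0" * 24:
        raise ValueError("not a 32-byte padded address topic")
    return "0x" + raw[24:]

def find_unapproved_upgrades(logs, watched_proxies, approved_impls):
    """Return one alert per Upgraded event on a watched proxy whose new
    implementation is missing from the approved (reviewed) set."""
    watched = {a.lower() for a in watched_proxies}
    approved = {a.lower() for a in approved_impls}
    alerts = []
    for log in logs:
        topics = [t.lower() for t in log.get("topics", [])]
        if log["address"].lower() not in watched:
            continue  # event from a contract we do not monitor
        if len(topics) < 2 or topics[0] != UPGRADED_TOPIC:
            continue  # some other event emitted by the proxy
        impl = topic_to_address(topics[1])
        if impl not in approved:
            alerts.append({"proxy": log["address"].lower(),
                           "implementation": impl, "tx": log["transactionHash"]})
    return alerts

def pad(addr):  # helper for building the constructed sample topics
    return "0x" + "0" * 24 + addr[2:]

PROXY = "0x" + "11" * 20          # constructed watched proxy
OTHER_PROXY = "0x" + "22" * 20    # constructed proxy we do not watch
GOOD_IMPL = "0x" + "aa" * 20      # constructed, reviewed implementation
BAD_IMPL = "0x" + "bb" * 20       # constructed, never reviewed

SAMPLE_LOGS = [
    {"address": PROXY, "topics": [UPGRADED_TOPIC, pad(GOOD_IMPL)], "transactionHash": "0xtx1"},
    {"address": PROXY, "topics": [UPGRADED_TOPIC, pad(BAD_IMPL)], "transactionHash": "0xtx2"},
    {"address": PROXY, "topics": ["0x" + "cd" * 32], "transactionHash": "0xtx3"},
    {"address": OTHER_PROXY, "topics": [UPGRADED_TOPIC, pad(BAD_IMPL)], "transactionHash": "0xtx4"},
]

if __name__ == "__main__":
    for alert in find_unapproved_upgrades(SAMPLE_LOGS, [PROXY], [GOOD_IMPL]):
        print("ALERT unapproved upgrade:", alert)
```

An alert of this kind only shortens response time; it works best paired with a timelock or multisig on the upgrade path so that a single stolen key cannot complete the upgrade before anyone reacts.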

This latest attack comes on the heels of a July hack that resulted in a $1 million loss affecting 13 different accounts. However, DeltaPrime was able to recover roughly $900,000 from that incident and used $100,000 from its stability pool to compensate affected users.

ZachXBT links the attack to North Korea’s Lazarus Group

ZachXBT, a crypto investigator, commented on the latest DeltaPrime attack, citing similarities in the techniques used to those of North Korea’s Lazarus hackers, who have actively targeted and attacked DeFi protocols.

ZachXBT revealed that the attacker’s strategy involved transferring stolen assets between chains and funnelling large sums into privacy services like Tornado Cash, effectively concealing the origins of the funds.

In August 2024, he raised concerns over Lazarus Group members who, he said, had fabricated fake identities and obtained jobs as IT workers and developers before sabotaging and stealing sensitive data.


CryptoFortress Disclosure: This article does not represent investment advice. The content and materials featured on this page are for educational purposes only.