Breaking
December 11, 2024

Private Key Leak at DeltaPrime Results in $6 Million Hack | usagoldmines.com

TLDR:

DeltaPrime, a crypto broker, lost over $6 million due to a private key leak
The exploit affected only the Arbitrum version of the project
A hacker gained control of an admin proxy, redirecting it to a malicious contract
This is DeltaPrime’s second hack in two months, following a $1 million loss in July
There are allegations of previous links between DeltaPrime and North Korean IT workers

On September 16, 2024, DeltaPrime, a decentralized borrowing protocol and crypto broker, experienced a significant security breach resulting in the loss of over $6 million in various tokens. The exploit, which affected only the Arbitrum version of the project, was reportedly caused by a private key leak.

Security researchers identified the issue early Monday morning, noting that the hacker had gained control of an admin proxy. This allowed the attacker to upgrade the proxies to point to a malicious contract, effectively draining funds from multiple pools on the platform.

The affected pools included DPUSDC, DPARB, and DPBTCb, which hold USDC stablecoins, Arbitrum’s ARB, and bitcoin (BTC) respectively.

Delta Prime @DeltaPrimeDefi admin private key leaked. All pools are drained. $7M loss already. Withdraw ASAP!https://t.co/uNn5nZoHp3 pic.twitter.com/se3RebRjpX

— Chaofan Shou (@shoucccc) September 16, 2024

Cyvers, a blockchain security firm, confirmed the exploit in a message to CoinDesk, stating that they had detected “multiple suspicious transactions” involving DeltaPrime.

The firm suggested that the admin had lost control of the private key, leading to the unauthorized access.

As of European morning hours on the day of the attack, users were unable to withdraw funds from the Arbitrum version of DeltaPrime due to the platform’s borrowing and lending mechanisms.

The DeltaPrime team acknowledged the issue on their Discord channel and X account, stating that they were investigating and working to resolve the problem.

DeltaPrime Blue exploited, this is the current status:

At 6:14 AM CET DeltaPrime Blue (Arbitrum) was attacked and drained for $5.98M. This was due to a compromised private key, the source of which is currently under investigation.

DeltaPrime Red (Avalanche) is not vulnerable…

— DeltaPrime (@DeltaPrimeDefi) September 16, 2024

This incident marks the second security breach for DeltaPrime in recent months. In July 2024, the protocol suffered a $1 million hack due to a misconfiguration that allowed an attacker to transfer ownership of accounts, repay loans, and withdraw collateral.

Following that attack, DeltaPrime claimed to have re-audited its code and resolved the issue, as well as compensating affected users.

The repeated security breaches have raised concerns about DeltaPrime’s overall security measures. Adding to these concerns are allegations made by blockchain investigator ZachXBT, who claimed that DeltaPrime had previously hired North Korean IT workers.

While DeltaPrime reportedly removed the flagged individuals after being warned, the potential connection between the recent hack and North Korea remains unclear.

North Korean hackers have been linked to several high-profile crypto hacks in the past, including a $235 million breach at WazirX and a $20 million exploit at the Indodax exchange. These actors are known to infiltrate crypto firms to gain insider access, which they then use to carry out targeted exploits.

In the aftermath of the latest attack, DeltaPrime’s native token, PRIME, experienced a 6.5% drop in value over 24 hours, aligning with a broader market decline led by Ethereum (ETH).

The post Private Key Leak at DeltaPrime Results in $6 Million Hack appeared first on Blockonomi.

 

Recent:

CrossFi: Crypto Banking and Blockchain Solutions Nicholas Say | usagoldmines.com
Tornado Cash Ruling Leads to Market-Wide DeFi Token Surge Oliver Dale | usagoldmines.com
Sui Adds Liquid Staking Token Standard Camille Lemmens | usagoldmines.com
Solana’s DeFi Ecosystem Expands to $5.7 Billion TVL as Platform Gains Users and Institutional Intere...
Kraken Announces Ink: New Ethereum L2 Blockchain for 2025 Launch Oliver Dale | usagoldmines.com
MakerDAO Considers Reverting Sky Rebrand as SKY Token Struggles to Gain Traction Oliver Dale | usago...
This is Why Uniswap’s L2 Shift Puts Ethereum at Risk Camille Lemmens | usagoldmines.com
Trump-Backed World Liberty Financial Proposes Launch on Aave’s Ethereum Platform Oliver Dale | usago...
Introduction to Autolayer | usagoldmines.com
DeFi Protocol Synthetix to Expand to Solana Following Community Vote | usagoldmines.com
Trump-backed DeFi Platform Prepares to Onboard Users | usagoldmines.com
Justin Sun Addresses USDD Stablecoin’s $732 Million Bitcoin Collateral Removal | usagoldmines.com
$2 million in 2 Weeks, Jaredfromsubway.eth Returns: MEV Bot Launches New DeFi Attacks | usagoldmines...
Drift Launches BET: A DeFi-Integrated Prediction Market on Solana | usagoldmines.com
Trump Family’s Crypto Venture “World Liberty Financial” Launches on Monday | usagoldmines.com
Aave Considers Integration of Coinbase’s cbBTC, Sparking Community Debate | usagoldmines.com
From Zero to $1 Billion: PayPal’s PYUSD Stablecoin Success Story | usagoldmines.com
Ondo Finance Expands USDY Yieldcoin to Arbitrum, Boosting Real-World Assets in DeFi | usagoldmines.c...
Binance Labs Invests in OpenEden to Boost Real-World Asset Tokenization in DeFi | usagoldmines.com
Sky Protocol Votes to Remove Wrapped Bitcoin as Collateral Amid Custodian Concerns | usagoldmines.co...
Introduction to RocketX | usagoldmines.com
Why the RWA Sector Accumulated $5.8 Billion in 3 Months? | usagoldmines.com
How to Earn USDC Yield in Kamino Finance | usagoldmines.com
Mantle Offers High Yield for Your ETH | usagoldmines.com
Quick Unstaking Guide: Bypassing Bonding Period | usagoldmines.com
The ULTIMATE Guide to Crypto Staking  | usagoldmines.com
How to Farm Yield in Pendle | usagoldmines.com
PARSIQ’s Reactive Network Makes Cross-Chain Trading Easier | usagoldmines.com
Elys Network, an Introduction | usagoldmines.com
What Are The Risks to Liquid Staking? | usagoldmines.com

Leave a Reply