Back Icon Image
News list

Arbitrum DeFi Project DeltaPrime Hacked for $6 Million Due to Private Key Leak

Article is form zombit
September 16, 2024
This article is translated by ChatGPT Show original
Back Icon Image

According to information shared by Cyvers Alerts, the decentralized finance project DeltaPrime has suffered a security incident. The incident involved the alleged leak of a private key, resulting in an attack that drained over $6 million in cryptocurrency. The project has deployed contracts on both the Arbitrum and Avalanche blockchains, but the attack targeted only the Arbitrum version.

🚨ALERT🚨@DeltaPrimeDefi has faced a security incident on their admin keys.
Attacker had control on the private key of 0x40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb
then he upgraded the proxy!

So far $5.93M has been drained!

Want to keep your company off our alerts radar? Learn… https://t.co/yOmNZJyp5l pic.twitter.com/lztFvXVmfI

— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 16, 2024

The security firm Cyvers states that the situation with DeltaPrime appears to be caused by a leaked administrator private key. The affected liquidity pools currently include DPUSDC, DPARB, and DPBTCb. Meanwhile, the DeltaPrime team has released a statement confirming the news, stating that they are investigating and addressing the issue.

DeltaPrime Blue exploited, this is the current status:

At 6:14 AM CET DeltaPrime Blue (Arbitrum) was attacked and drained for $5.98M. This was due to a compromised private key, the source of which is currently under investigation.

DeltaPrime Red (Avalanche) is not vulnerable…

— DeltaPrime (@DeltaPrimeDefi) September 16, 2024

Chaofan Shou, founder of Fuzzland, provided a detailed explanation of the attack incident on X. Chaofan Shou stated that the hacker first gained control of the administrator address 0x40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb associated with the proxy contract. The hacker then upgraded the proxy contract to point to a malicious contract 0xD4CA224a176A59ed1a346FA86C3e921e01659E73, ultimately enabling them to steal funds.

Delta Prime @DeltaPrimeDefi admin private key leaked. All pools are drained. $7M loss already. Withdraw ASAP!https://t.co/uNn5nZoHp3 pic.twitter.com/se3RebRjpX

— Chaofan Shou (@shoucccc) September 16, 2024

Proxy contracts serve as intermediaries, interacting with users and other contracts. Although their internal logic is simple, they are critical components of many on-chain protocols. Once compromised, the entire protocol can be affected.

On-chain investigator ZachXBT posted on X, stating that while the connection is uncertain, he had previously warned the DeltaPrime team about the presence of North Korean IT workers within their team. At the time, the team had responded that all North Korean workers had been dismissed.

Back Icon Image
Source
1. Disclaimer: The views expressed are solely those of the author and do not reflect the stance of Gen3. They are not intended as investment advice.
2. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as investment or other advice.