Beosin: DeltaPrime Project Suspected Private Key Leak, Multiple Key Contracts Maliciously Upgraded, $5.9 Million Lost
According to a report from Golden Finance, blockchain security audit firm Beosin Alert has detected a suspected private key leak in the DeltaPrime project. This resulted in the malicious upgrade of several key contracts, leading to the theft of approximately $5.9 million in assets.
Beosin's security team analysis revealed that the root cause of this unusual behavior was the modification of the interest calculation contracts for multiple lending pools within the project to malicious attack contracts. This enabled the attackers to extract assets from the pools. Additionally, the attackers persistently exploited the vulnerability, immediately withdrawing funds whenever users deposited assets into the pools. As of now, the accumulated losses amount to roughly $5.9 million, with all stolen tokens converted to ETH and held at the address 0xd550cfeA0BFFDC81B2dEe7B6d915D9D9e31d83A2.