Back Icon Image
News list

DeFi Protocol DeltaPrime Suffers $5.9 Million Loss in Private Key Exploit

Article is form decrypt
September 16, 2024
Translate
Back Icon Image

Decrypt’s Art, Fashion, and Entertainment Hub.

Discover SCENECrypto cybersecurity firm Cyvers has reported a security incident affecting DeltaPrime, a decentralized finance (DeFi) protocol on the Arbitrum network.

According to a tweet from Cyvers, the ongoing incident resulted in an initial estimated loss of $4.5 million—subsequently updated to $5.93 million as a “suspicious address” continued to drain funds from DeltaPrime’s liquidity pools.

🚨ALERT🚨@DeltaPrimeDefi has faced a security incident on their admin keys.
Attacker had control on the private key of 0x40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb
then he upgraded the proxy!

So far $5.93M has been drained!

Want to keep your company off our alerts radar? Learn… https://t.co/yOmNZJyp5l pic.twitter.com/lztFvXVmfI

— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 16, 2024

ADADThe security firm stated that their system detected “multiple suspicious transactions” involving DeltaPrime on the Arbitrum (ARB) chain, adding that the protocol's administrator may have lost control of their private key, leading to unauthorized access to the platform's smart contracts.

Control over this key allowed the entity to update the proxy smart contract to execute the attack.

The incident has affected several of DeltaPrime's liquidity pools, including DPUSDC, DPARB, and DPBTCb. Cyvers noted that the address associated with the suspicious activity has begun converting USDC tokens to Ethereum (ETH).

The news follows mid-July reports that cross-chain DeFi protocol Li.Fi is suspected to have lost about $11 million in cryptocurrencies in an exploit. Reports at the time indicated that a wallet linked to the hack held nearly $6 million in Ethereum alongside numerous stablecoins.

In a similar early August incident, cross-chain gaming-focused bridge Ronin saw $12 million siphoned from its wallets by white-hat hackers. They subsequently contacted Ronin’s developers to arrange for the return of the funds that they had preemptively siphoned from the bridge in order to prevent a bad-faith hack.

ADADEdited by Stacy Elliott.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.Your EmailGet it!Get it!

Back Icon Image
Source
1. Disclaimer: The views expressed are solely those of the author and do not reflect the stance of Gen3. They are not intended as investment advice.
2. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as investment or other advice.