A big hack happened on Delta Prime, a decentralized finance (DeFi) website, and about $6 million worth of cryptocurrency was stolen. Hackers used a weakness in the platform’s secret keys to get into the manager wallet and cause the breach. The attackers continued to take money from Delta Prime’s liquidity pools on the Arbitrum blockchain, and the attack got worse. At first, $4.5 million was lost.
On-chain security experts say that the hackers switched stablecoins like USDC for Ethereum (ETH) to hide their tracks. As the attack went on, more and more money was stolen until almost $6 million was gone. The event has caused concern in the DeFi community as it is one more example of the growing number of cyberattacks aimed at decentralized platforms.
🚨ALERT🚨Our system has detected multiple suspicious transactions involving @DeltaPrimeDefi on $ARB chain! (Still ongoing)
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 16, 2024
It seems that admin has lost the private key. Suspicious address still draining the pools! Affected pools so far are the #DPUSDC, #DPARB, #DPBTCb !… pic.twitter.com/8sXanAaCwe
Cybersecurity company Cyvers, which keeps an eye on blockchain activity, said that the hackers got into Delta Prime’s wallet and changed its smart contracts so that money would go to a bad address. This let them take money out of a number of trading pools, such as those connected to USD Coin, Arbitrum, and Bitcoin-based coins.
Delta Prime’s team got some power back, but the damage was already done. The platform revealed that its Arbitrum-based DeltaPrime Blue contract had been hacked, but it reassured users that DeltaPrime Red, which runs on the Avalanche blockchain and has stricter security measures like multisignature wallets and cold storage, had not been impacted.
🚨ALERT🚨@DeltaPrimeDefi has faced a security incident on their admin keys.
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 16, 2024
Attacker had control on the private key of 0xx40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb
then he upgraded the proxy!
So far $5.93M has been drained!
Want to keep your company off our alerts radar? Learn… https://t.co/yOmNZJyp5l pic.twitter.com/7QJfVUZqSU
Even so, the attack has made people question the platform’s security, especially the fact that some contracts don’t have timelocks, which could have stopped the breach. Some users said the situation could have been avoided because the platform didn’t use the same security steps for all chains.
Delta Prime said after the breach that it is trying to get back the stolen items and that its insurance pool will help cover user loses where it can. Additionally, the company is looking into other ways to lessen the financial burden on its users.
The attack on Delta Prime is the most recent in a string of high-profile hacks in 2024 that have targeted the DeFi sector. This shows that the space is still dangerous. Although there is some talk that North Korean hackers, possibly including the notorious Lazarus Group, may have been involved, there is no solid proof that they were.
Hackers are still going after decentralized platforms, and this event has made people even more worried about their security. As DeFi gets more famous, systems like Delta Prime are under more and more pressure to make their security stronger to keep users safe from future attacks like this one.
