Best crypto insights delivered straight to your inbox.
- DeltaPrime DeFi protocol‘s admin wallet was breached, leading to a loss of over $5.9 million.
- In a separate event in July 2024, the DeFi platform was also attacked losing about $1 million. It recovered 90% of the funds.
- ZachXBT notices similar traits in the recent DeltaPrime attack to those of North Korea’s Lazarus group.
DeltaPrime’s wallets have been compromised, leading to a loss of over $5.9 million. A hacker exploited the Arbitrum part of the protocol, hijacking an admin proxy and rerouting it to a malicious contract.
A hacker seizes control of DeltaPrime’s wallets
During European morning hours, Cyvers Alerts, a blockchain security platform, first raised alarms about the attack on DeltaPrime. The platform reported a hacker had taken over an admin wallet and was still draining multiple funds. At that time, about $4.5 million had already been lost and exchanged for $ETH.
🚨ALERT🚨@DeltaPrimeDefi has faced a security incident on their admin keys.
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 16, 2024
Attacker had control on the private key of 0x40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb
then he upgraded the proxy!
So far $5.93M has been drained!
Want to keep your company off our alerts radar? Learn… https://t.co/yOmNZJyp5l pic.twitter.com/lztFvXVmfI
In another post, Cyvers Alerts confirmed that over $5.93 million had been stolen, claiming the hacker seized control of the private key, 0x40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb, before upgrading the proxy.
According to Chaofan Shan, the founder of Fuzzland, the hacker redirected funds from the admin proxy to a malicious contract identified as 0xD4CA224a176A59ed1a346FA86C3e921e01659E73.
Shan stated that the malicious contract might “inflate” the hacker’s deposited sums in all pools, estimating a loss of $6 million for DeltaPrime.
This latest attack comes on the heels of a July hack that resulted in a $1 million loss affecting 13 different accounts. However, DeltaPrime was able to recover roughly $900,000 from that incident and used $100,000 from its stability pool to compensate affected users.
ZachXBT links the attack to North Korea’s Lazarus Group
ZachXBT, a crypto investigator, commented on the latest DeltaPrime attack, citing similarities in the techniques used to those of North Korea’s Lazarus hackers, who have actively targeted and attacked DeFi protocols.
ZachXBT revealed that the attacker’s strategy involved transferring stolen assets between chains and funnelling large sums into privacy services like Tornado Cash, effectively concealing the origins of the funds.
In August 2024, he raised concerns over Lazarus group members who he pinged to have fabricated fake identities and earned jobs as IT workers and developers before sabotaging and stealing sensitive data.
The smartest crypto minds already read our newsletter. Want in? Join them.
Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.
Nellius Irene
Nellius is a Business Management and IT graduate with five years of experience in the cryptocurrency industry. She is also a graduate of Bitcoin Dada. Nellius has contributed to leading media publications, including BanklessTimes, Cryptobasic, and Riseup Media.
CRASH COURSE
- Which cryptocurrencies can make you money
- How to boost your security with a wallet (and which ones are actually worth using)
- Little-known investment strategies that the pros use
- How to get started investing in crypto (which exchanges to use, the best crypto to buy etc)