Delta Prime Loses $5.98M to Ongoing Attack on Admin Keys

Delta Prime suffers a multimillion-dollar security breach that is likely โ€œongoingโ€, according to security experts.

by . Fact checked by: Ciaran Lawler, Editor: Nazar Kuzmyn
Published:
Little boy sitting on the floor throwing a tantrum as he is not recieving any airdrops.
Created by Gabor Kovacs from DailyCoin
Google News Follow Button
  • DeFi platform Delta Prime has been hacked for millions.
  • Security experts flagged the attack as โ€œongoing.โ€
  • The total loss arising from the incident โ€œmight increase.โ€

Decentralized borrowing protocol Delta Prime is the latest crypto platform to suffer a security breach, losing millions barely a week after Indonesiaโ€™s largest exchange Indodax was hacked for $22 million.

On Monday, blockchain security firm Cyvers flagged multiple suspicious transactions involving the DeFi platform on the Arbitrum chain, noting that the attackerโ€™s address was draining funds from various lending pools, including DPUSDC, DPARB, and DPBTCb.

The Hack Is Ongoing

Noting that Delta Primeโ€™s admin could have lost the platformโ€™s private key, Cyvers estimated the hackโ€™s loss at $4.5 million and cautioned that this figure โ€œmight increaseโ€ as the suspicious address was still draining the pools.

Sponsored

Cyvers issued a second update, confirming that the attacker had taken control of the private key before upgrading the proxy to point to a malicious contract. Per Fuzzland co-founder Chaofan Shou, the malicious contract could โ€œinflateโ€ the hackerโ€™s deposited amount on all pools.

While Cyvers noted that $5.93 million had been drained, Shou estimated the loss at $6 million.

Two hours after Cyversโ€™ and Shouโ€™s alerts, Delta Prime issued an update, noting that the attacker had drained its Arbitrum market for $5.98 million.

โ€œThis was due to a compromised private key, the source of which is currently under investigation,โ€ Delta Prime wrote on X. โ€œThe risk is contained, we're working on asset-retrieval and the insurance pool will cover any potential losses where possible / necessary. Additionally, we're looking into other ways to reduce user losses to a minimum.โ€

The protocol said it would keep users updated on further steps following the incident and clarified that its lending market on Avalanche was not vulnerable to the attack.

Stay updated on how stablecoin issuers blacklisted the Lazarus Group:
Tether and Others Freeze Millions Tied to Lazarus Group Wallets

Read about the new malware targeting crypto users on Android:
Crypto Hack Alert: New SpyAgent Malware Targets Android

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Tags
Author
Brian Danga
Brian Danga

Brian Danga is a crypto reporter at DailyCoin covering breaking news. Brian has minor holdings in Bitcoin and Ethereum.

Read more