DeltaPrime lost $6 million to hackers.
Deltaprime suffered a similar attack that resulted in the loss of $1 million in July.
DeFi protocol DeltaPrime has been hit by a $6 million exploit, according to blockchain security firm Cyvers. On September 16, Cyvers disclosed that the breach resulted from a compromised “admin key.” The company’s CTO, Meir Dolev, explained to CryptoSlate that the hacker gained control of the wallet, which functions as the admin for DeltaPrime’s proxy contracts. The attacker then upgraded these contracts to connect to a malicious one, enabling the theft of assets from DeltaPrime pools on the Arbitrum chain.
Cyvers also mentioned that the hacker has begun converting part of the stolen assets into Ethereum. As of the time of reporting, DeltaPrime has not released any public comments about the exploit.
This incident follows another breach that occurred just two months earlier, in July, when DeltaPrime was targeted in a $1 million hack. During that attack, the hacker compromised 13 different Prime Accounts due to a misconfiguration, allowing them to take control, repay loans, and withdraw collateral. DeltaPrime had since re-audited its code, resolved the vulnerability, and compensated affected users, returning $900,000 recovered from the hacker and covering the remaining $100,000 from its stability pool.
On-chain investigator ZachXBT pointed out that DeltaPrime had previously employed North Korean IT workers, an issue he had raised with the platform earlier this year. Although DeltaPrime claimed it had removed the flagged individuals, there is still uncertainty over whether the latest hack is linked to North Korea. North Korean hackers have been implicated in various major crypto breaches, including the $235 million WazirX hack and a $20 million exploit of the Indodax exchange.
North Korean cybercriminals are notorious for infiltrating crypto companies to gain insider knowledge, which they later exploit to conduct targeted attacks.