Delta Prime has suffered a loss of $4.7 million on Avalanche and Arbitrum. According to sources, the protocol on both networks is now offline following the incident. The protocol has also closed all transactions after discovering the vulnerability to limit the extent of the harm.
The platform reportedly lost assets worth $4.7 million on both chains following the attack. This is the second attack on the platform following a previous one that occurred on September 19. Delta Prime’s wallets were compromised, leading to a loss of $5.9 million. According to on-chain sleuth ZachXBT, the attack was carried out by the famous North Korean group Lazarus.
Delta Prime suffers a second exploit
In the previous attack, the hackers gained access to the private keys of the wallets, leading to the theft of the funds in them. However, this present hack did not affect any token owned by the platform. However, it was discovered that some of its reward mechanisms were flawed.
As with most exploits, the hackers send out phishing links to their unsuspecting victims. Through these links, which lead to fake websites, the hackers can trick them into releasing their details.
Delta Prime presently has about $35 million in total value locked (TVL). Before the hack in September, the platform’s TVL was as high as $65 million. The platform’s token PRIME loss of value and the drop in user trust led to the drop in its TVL. However, the protocol was in recovery before this second exploit happened.
The distance between both hacks is just two months, mirroring the case of Cosmos. The hackers posed as developers working on the code for a while to steal the funds. Although it has yet to suffer any exploit, it raises questions about the security of smart contracts in the DeFi industry.
The hackers breached the protocol’s reward mechanism
Peckshield experts have noted that the hackers were able to exploit the platform’s reward smart contract. The hacker breached the smart contract after acquiring administrator privileges on a side contract involved in loan creation and funding. The side contract SmartLoansFactory was also used to manage the Borrowers Registry, a smart contract that keeps the data of loan creators.
Delta Prime was designed for leveraged farming, enabling users to borrow and deposit funds in yield farming platforms. Its reward mechanism had a flaw that rewarded the hacker for a fake pair. Peckshield noted that the mechanism failed to verify the hacker, thus letting him keep both borrowed funds and the collateral.
According to CertiK, the hackers tried to borrow WBTC and kept both collateral and the loan. The hack occurred despite the platform’s recent audit done by Peckshield. The platform did seven audits, completing the last one in the summer.
The hacker stole 6.34 BTC, 110 AVAX, 860k USDC, and 260k USDT among other tokens. After the hacker sent some funds to intermediary wallets, he moved some back to DeFi platforms. The hacker has yet to move or bridge the funds, with the wallet used to carry out the act still interacting with other Arbitrum swap and DeFi protocols after the hack was discovered.
The wallets involved were recently created, with most funded from DEX sources. The wallets had no history or activities before the hack. Some funds are still on Avalanche, while others were moved. Some are on Avalanche’s C-chain, while others are being used to provide liquidity. The two attacks were done separately for each chain, with the hackers using five identified wallets.
The post Delta Prime suffers $4.7 million exploit on Avalanche and Arbitrum first appeared on Coinfea.
