According to information shared by Cyvers Alerts, the wallet of the decentralized financial project DeltaPrime was suspected of leaking its private key and was attacked this afternoon, resulting in the loss of more than $6 million worth of cryptocurrency. The project has deployed contracts on both the Arbitrum and Avalanche blockchains, and this attack only involved the Arbitrum version.
ALERT@DeltaPrimeDefi has faced a security incident on their admin keys. Attacker had control on the private key of 0x40e4ff9e018462ce71fa34abdfa27b8c5e2b1afbthen he upgraded the proxy!So far $5.93M has been drained!Want to keep your company off our alerts radar? Learn⊠https://t.co/yOmNZJyp5l pic.twitter.com/lztFvXVmfI
â Cyvers Alerts (@CyversAlerts) September 16, 2024
Security company Cyvers stated that the situation with DeltaPrime appears to be caused by the leakage of the administrator's private key, and the affected fund pools currently include DPUSDC, DPARB, and DPBTCb. At the same time, the DeltaPrime team also issued an announcement confirming the news and stating that the team is investigating and handling the issue.
DeltaPrime Blue exploited, this is the current status:At 6:14 AM CET DeltaPrime Blue (Arbitrum) was attacked and drained for $5.98M. This was due to a compromised private key, the source of which is currently under investigation. DeltaPrime Red (Avalanche) is not vulnerableâŠ
â DeltaPrime (@DeltaPrimeDefi) September 16, 2024
Fuzzland founder Chaofan Shou explained the attack in detail on X. Chaofan Shou said that the hackers first took control of the administrator address of the proxy contract, 0xx40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb. Subsequently, the hacker upgraded the proxy contract to point to the malicious contract 0xD4CA224a176A59ed1a346FA86C3e921e01659E73, thereby stealing funds.
Delta Prime @DeltaPrimeDefi admin private key leaked. All pools are drained. $7M loss already. Withdraw ASAP!https://t.co/uNn5nZoHp3 pic.twitter.com/se3RebRjpX
â Chaofan Shou (@shoucccc) September 16, 2024
The proxy contract is a contract that interacts with users and other contracts. It has simple logic and is used as an intermediary. However, it is an important component of many on-chain protocols because once it is destroyed, the entire protocol may be affected.
On-chain detective ZachXBT also posted on All North Korean workers have been fired.
Source
