Decentralized borrowing protocol DeltaPrime has reportedly suffered a multi-million dollar hack, with suspicions pointing to entities linked to North Korea.
DeltaPrime (PRIME), a decentralized borrowing protocol backed by Avalanche and GSR Markets, was hit by a $4 million hack stemming from an admin private key leak, fuzzland co-founder Chaofan Shou said in a Sept. 16 post on X.
Delta Prime @DeltaPrimeDefi admin private key leaked. All pools are drained. $7M loss already. Withdraw ASAP!https://t.co/uNn5nZoHp3 pic.twitter.com/se3RebRjpX
— Chaofan Shou (@shoucccc) September 16, 2024
While the exact circumstances behind the private key breach remain unclear, blockchain investigator ZachXBT noted that DeltaPrime had previously employed North Korean IT workers. However, the analyst emphasized that all flagged personnel had been removed, leaving questions about any connection between the hack and North Korea unresolved.
Blockchain researchers at Cyvers Alerts pointed out in an X post that the hack targeted the protocol’s version rolled out on Arbitrum, adding that the hacker has already swapped the stolen USD Coin (USDC) to Ethereum (ETH).
“It seems that admin has lost the private key. Suspicious address still draining the pools! Affected pools so far are the DPUSDC, DPARB, DPBTCb!”
Cyvers Alerts
In addition to Arbitrum, DeltaPrime also has a protocol launched on the Avalanche network, though no reports have been made on whether that protocol is also vulnerable to attacks. Following the hack, DeltaPrime’s native token PRIME plunged 6% to $1. As of press time, the DeltaPrime team made no public statements on the matter.
First launched on the Avalanche network in January 2023, DeltaPrime attracted over $63 million in total value locked and unlocked more than $20 million in liquidity, the protocol says on its official website. The protocol secured funding from Avalanche, GSR Capital, Moonhill Capital, and Uplift, among others.
Read more: North Korea ‘aggressively targeting’ crypto firms, warns FBI