$6M in tokens drained from DeltaPrime

DeltaPrime, a decentralized finance (DeFi) platform, suffered a significant security breach resulting in the loss of over $6 million due to a private key leak. The attack affected only the Arbitrum version of DeltaPrime, while the platform’s deployment on Avalanche remained unaffected. The exploit allowed a hacker to gain control over the admin proxy by redirecting it to a malicious contract, draining funds from various pools holding tokens such as USDC, ARB, and Bitcoin.

• The attack was limited to the Arbitrum deployment of DeltaPrime, leaving the Avalanche version untouched.
• The hacker exploited an admin proxy, upgrading it to point to a malicious contract, which enabled the theft.
• DeltaPrime has acknowledged the breach and is working on asset retrieval and reducing user losses through insurance pools and other measures.

The hacker initially siphoned $4.5 million but continued the attack, ultimately reaching over $6 million in stolen funds. DeltaPrime’s team confirmed they are investigating the incident and focusing on asset recovery. Security firm Cyvers detected the suspicious transactions, and Fuzzland founder Chaofan Shou provided further details on the hack.

This breach has impacted the confidence of users, leading to a 6.5% drop in the value of DeltaPrime’s PRIME tokens. Meanwhile, the project is focusing on mitigating the damage and ensuring the security of its remaining assets on the platform.