DeltaPrime, an on-chain brokerage platform, has fallen victim to a significant security breach early Monday, resulting in the loss of over $6 million in various tokens. According to security researchers on X, the exploit was caused by a private key leak that allowed the attacker to gain control over the platform’s administrative functions.
The exploit specifically impacted DeltaPrime’s deployment on the Arbitrum blockchain. DeltaPrime, which operates on both Arbitrum and Avalanche blockchains, confirmed that only the Arbitrum version was compromised. Users on Arbitrum are unable to withdraw funds due to the platform’s borrowing and lending mechanisms, which rely on proxies to interact with contracts and users.
Chaofan Shou, founder of security firm Fuzzland, explained that the hacker managed to gain control over the admin account of the proxies, specifically wallet 0xx40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb. The hacker then upgraded these proxies, redirecting them to a malicious contract, 0xD4CA224a176A59ed1a346FA86C3e921e01659E73, effectively gaining control of the protocol’s key functionalities.
Proxies, which serve as intermediaries in blockchain applications, are crucial to the security and operation of decentralized finance (DeFi) platforms, making this breach particularly damaging.
DeltaPrime’s team, while investigating the issue, has yet to formally confirm the exploit on their Discord channel, but did acknowledge that they were working on resolving the situation. Meanwhile, DeltaPrime’s native PRIME token dropped 5% in the past 24 hours.
Security firm Cyvers confirmed the exploit, noting it had detected multiple suspicious transactions involving DeltaPrime’s on-chain pools. The compromised pools included those holding USDC stablecoins, Arbitrum’s native token ARB, and bitcoin (BTC). Cyvers stated that the breach occurred after the platform’s admin lost access to its private key, granting the attacker full control over key aspects of the protocol.
The DeltaPrime breach adds to the growing list of recent crypto attacks. Just last week, renowned Indonesian cryptocurrency exchange Indodax suffered a security breach that resulted in the loss of $15.7 million.
Moreover, in July, India’s leading crypto exchange WazirX also reported a major security exploit, losing around $235 million worth of funds.
Qubetics transforms blockchain, Zignaly unlocks wealth and StakeLayer innovates multichain staking..
Monkey-themed meme coin MoonBag, which launched on Uniswap and LBank after..
Join Qubetics' live presale and unlock an 1800% ROI while navigating..
Stay ahead in crypto with AltcoinDaily.co! Get the latest news, expert analysis, and blockchain insights. Your trusted source for all things cryptocurrency. 🚀💰
Join Now