Delta Prime, a decentralized finance (DeFi) platform, fell victim to a major hack, losing over $6 million worth of cryptocurrency. The attack was mainly focused on the Arbitrum blockchain. After investigation, it was found that the attack was linked to a private key leak. This enabled the hackers to gain access to the admin wallet of the platform. After gaining access, the scammers altered prominent proxy smart contracts to a malicious address. Further, they took control of funds, including USDC, Arbitrum, and Bitcoin.
According to an official post from the platform on its X profile, the security researchers discovered the suspicious activities. Although Delta Prime works on the Arbitrum (Blue) and Avalanche (Red) blockchains simultaneously, only Arbitrum was affected. As Avalanche was a cold wallet, the security was not breached. Delta Prime assured its users that action was initiated to retrieve the assets and cover potential losses.
DeltaPrime Blue exploited, this is the current status:
— DeltaPrime (@DeltaPrimeDefi) September 16, 2024
At 6:14 AM CET DeltaPrime Blue (Arbitrum) was attacked and drained for $5.98M. This was due to a compromised private key, the source of which is currently under investigation.
DeltaPrime Red (Avalanche) is not vulnerable…
However, this breach affected users from using the chain to access their funds. This was because the attack led to more exposure within the lending and borrowing protocols. Following the attack, the scammers moved to launder the stolen funds into Ethereum with the help of Tornado Cash. Interestingly, the official Avalanche Discord reported a security breach in August through their X profile. The Avalanche platform ordered its users not to interact or click links until the issue was resolved.
Crypto Scams Escalate, Inferno Drainer DApps Triple in UsageMarket observers attributed the attack to Lazarus Group, a North Korean hacker group. Many observed that the pattern in which the Delta Prime was affected was similar to the style of the Lazarus group. ZachXBT, an analyst, raised concerns that the group infiltrates crypto organizations through social engineering techniques.
Further, he added that the group members would pose like professional IT developers and later exploit the company data. ZachXBT concluded his thoughts by hinting that the group backed by the state has become more sophisticated and is targeting DeFi systems.
The Lazarus Group was earlier suspected of attacking the Indian crypto exchange WazirX. Earlier this month, the platform lost over $230 million in various cryptocurrencies. A hacker exploited a vulnerability in one of the exchange’s wallets and moved the funds to Tornado Cash in a bid to cover up the trail.
