DeltaPrime hit by $6M exploit amid North Korea links allegations
DeFi protocol DeltaPrime has suffered a $6 million exploit, according to blockchain security firm Cyvers.
In a Sept. 16 post on X, Cyvers revealed that the breach stemmed from a compromised “admin key.” The firm’s CTO, Meir Dolev, explained to CryptoSlate that :
“[The] hacker took control of the wallet which is the admin of Delta Prime proxy contacts, later on, upgraded these contracts to point to his malicious contract this enabled the hacker to drain Delta Prime pools on Arbitrum chain.”
Cyvers also noted that the attacker has started exchanging some of the stolen assets for Ethereum.
The DeltaPrime team has not issued any public statements about the incident as of press time.
Previous hack
This breach comes just two months after DeltaPrime suffered a $1 million hack in July.
The hacker accessed $1 million across 13 different Prime Accounts during that attack. The breach resulted from a misconfiguration that allowed the attacker to transfer ownership of the accounts, repay their loans, and withdraw their collateral.
DeltaPrime stated at the time that it had re-audited its code and resolved the issue that led to the exploit. The protocol also compensated affected users, returning $900,000 recovered from the attacker and adding $100,000 from its stability pool.
North Korea links
On-chain sleuth ZachXBT pointed out that DeltaPrime had previously hired North Korean IT workers.
ZachXBT said he warned the DeFi platform about employing developers from the sanctioned nation earlier this year.
Although DeltaPrime claimed to have removed the flagged individuals, the potential connection between the hack and North Korea remains unclear.
Reports have highlighted how North Korean hackers infiltrate crypto firms to gain insider access. They then use this knowledge to carry out targeted exploits.
Notably, North Korean malicious actors have been linked to several high-profile crypto hacks, including the $235 million WazirX breach and the $20 million Indodax exchange exploit.