Delta Prime’s Arbitrum dApp suffered losses of $6 million as a hacker gained access to the private key of an admin wallet, letting them drain the protocol’s pools.
Delta Prime, a DeFi protocol operating on Avalanche and Ethereum layer-2 Arbitrum, underwent an attack on September 16. Specifically, a hacker targeted Delta Prime Blue—the Arbitrum-based version—and walked away with close to $6 million for their efforts.
Web3 security platform Cyvers offered a play-by-play coverage as the hack occurred. It mentioned, “Our system has detected multiple suspicious transactions involving @DeltaPrimeDefi on $ARB chain! (Still ongoing).” While Cyvers first reported this, the hacker had managed to get their hands on $4.5 million. They managed to drain Delta Prime Blue’s pools. The post also read, “Suspicious address already swapped $USDC to $ETH!” It also mentioned that the attacker could cause more damage—and so they did.
Source: Cyvers Alerts
According to Chaofan Shou, Fuzzland co-founder, the bad actor gained access to 0xx40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb—the admin, or wallet, of Delta Prime Blue proxy contracts. They then directed all proxy contracts toward a new, malicious admin contract—0xD4CA224a176A59ed1a346FA86C3e921e01659E73. “This malicious contract can inflate the deposited amount of the hacker on all pools,” Shou iterated.
Source: Chaofan Shou
Delta Prime Acknowledges the Attack
The protocol’s team acknowledged the attack and explained what they know thus far on X. “At 6:14 AM CET DeltaPrime Blue (Arbitrum) was attacked and drained for $5.98M,” the post read. The attack was made possible due to a compromised private key that the hacker used to access the protocol’s contracts. Delta Prime confirmed that the Avalanche-based Delta Prime Red dApp was unaffected through the ordeal. It reassured its users, saying, “The risk is contained, we’re working on asset-retrieval and the insurance pool will cover any potential losses where possible/necessary.”
