According to information shared by Cyvers Alerts, the wallet of the decentralized financial project DeltaPrime was suspected of leaking its private key and was attacked this afternoon, resulting in the loss of more than $6 million worth of cryptocurrency. The project has deployed contracts on both the Arbitrum and Avalanche blockchains, and this attack only involved the Arbitrum version.
Security company Cyvers stated that the situation with DeltaPrime seems to be caused by the leakage of the administrator's private key. The affected fund pools currently include DPUSDC, DPARB, and DPBTCb. At the same time, the DeltaPrime team also issued an announcement confirming the news and stating that the team is investigating and handling the issue.
Fuzzland founder Chaofan Shou explained the attack in detail on X. Chaofan Shou said that the hackers first took control of the administrator address of the proxy contract 0xx40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb. Subsequently, the hacker upgraded the proxy contract to point to the malicious contract 0xD4CA224a176A59ed1a346FA86C3e921e01659E73, thereby stealing funds.
The proxy contract is a contract that interacts with users and other contracts. It has simple logic and is used as an intermediary. However, it is an important component of many on-chain protocols because once it is destroyed, the entire protocol may be affected.
On-chain detective ZachXBT also posted on All North Korean workers have been fired.
