DeltaPrime, a DeFi protocol running on the Arbitrum chain, has fallen victim to suspicious transactions. The issue was pointed out by Web3 security firm CyVers, which said malicious actors had compromised the protocol’s admin wallet.
According to CyVers, the attackers took control of the DeltaPrime proxy contract and drained funds from multiple pools, including DPUSDC, DPARB, and DPBTCb.
'North Korean hackers linked to Delta Prime hack' claims
In the latest update, CyVers claims that the attackers exchanged the stolen USDC for Ethereum (ETH), further complicating the recovery effort. CyVers CTO Mayer Dolev further explained that the attacks are ongoing.
The company initially reported a loss of $4.5 million, but as of this writing, the case is still ongoing and the loss figure continues to grow.
“The hacker was able to steal funds by upgrading the contract to point to his malicious contract. The total loss now stands at $5.9 million,” Dolev told BeInCrypto in an email.
Read more: Cryptocurrency Project Security: Early Threat Detection Guide
Amid growing concerns, on-chain investigator ZachXBT has highlighted the DeltaPrime breach and its links to North Korean IT workers who were involved in a similar incident in August 2024 using fake identities and KYC documents.
ZachXBT’s report also detailed a pattern of fraudulent activity , which he linked to a larger network of malicious actors who have been draining funds from various DeFi projects since June 2024.
These findings point to a complex web of fraud, believed to be exploiting vulnerabilities in decentralized protocols by North Korean operators. According to ZachXBT, the attackers’ money laundering strategy involved moving stolen assets between chains and depositing large amounts into privacy-focused service Tornado Cash, effectively hiding the traces of the stolen funds.
Read more: Top 5 Cryptocurrency Security Flaws and How to Avoid Them
As of this writing, the DeltaPrime team has yet to make an official statement. The attack also had a significant impact on the platform’s native token, PRIME. Its value has fallen by 6.3% in the last 24 hours, currently trading at $1.
