DeltaPrime, a DeFi protocol on the Arbitrum chain , has fallen victim to a series of suspicious transactions. Web3 security firm CyVers discovered the issue, revealing that bad actors had compromised the protocol's admin wallet.
According to CyVers, the attacker took control of DeltaPrime proxy contracts, siphoning funds from multiple pools, including DPUSDC, DPARB, and DPBTCb.
North Korea accused of involvement in DeltaPrime attack
In its latest update, CyVers said the attacker is believed to have swapped the stolen USDC for Ethereum (ETH), complicating recovery efforts. CyVers CTO Meir Dolev provided additional information, saying the attack is still ongoing. The company initially reported a loss of $4.5 million. However, as the incident was still ongoing at the time of writing, that number is expected to rise.
Suspicious Transactions on DeltaPrime. Source: X/CyversAlert“The hacker upgraded the contracts to point to his malicious contract, allowing the withdrawal of funds. The total loss has now increased to $5.9 million,”
Dolev said in an email to BeInCrypto.
Adding to the growing concerns, ZachXBT pointed out a potential connection between the DeltaPrime attack and a group of North Korean hackers. These employees, using fake identities and KYC documents, were involved in a similar attack in August 2024. ZachXBT’s report also detailed a pattern of fraudulent activity. He linked the latest attack to a larger network of malicious actors who have been siphoning funds from multiple DeFi projects since June 2024.
The disclosures point to a complex fraud network where North Korean agents are believed to be exploiting vulnerabilities in decentralized protocols. According to ZachXBT, the attackers’ money laundering strategy includes moving stolen assets across chain and depositing large amounts into privacy-focused services like Tornado Cash, effectively obscuring the trail of the stolen funds.
PRIME price performance. Source: BeInCryptoAt the time of writing, the DeltaPrime team has yet to make any official statement. The attack has also significantly affected the platform’s native Token , PRIME. It has lost 6.3% of its value over the past 24 hours, currently trading at $1.
Join the BeInCrypto Community on Telegram to learn about technical analysis , discuss cryptocurrencies, and get answers to all your questions from our experts and professional traders.