DeltaPrime DeFi protocol loses $6 million on the Arbitrum network in an exploit
This is the second hack of the project in the last two months
16.09.2024 - 12:30
615
3 min
0
What’s new? DeltaPrime DeFi protocol, which runs on the Avalanche blockchain and the Layer 2 (L2) Arbitrum network based on the Ethereum blockchain, has lost $6 million in an exploit. IS firm Cyvers said the cause was a leak of an administrator’s private key.
What else is known? Gaining access to the project’s wallet allowed hackers to replace contract addresses with their own and empty DeltaPrime pools in the Arbitrum network. After withdrawing funds, they began exchanging the stolen assets for ETH coins.
The incident occurred just two months after DeltaPrime lost $1 million in an attack. The cause then was a vulnerability that allowed the hacker to transfer ownership of the accounts, repay their loans and withdraw collateral. In total, he used 13 accounts.
Afterward, the DeltaPrime team said it re-audited the code and fixed the vulnerability. It also compensated the victims, with $900 000 recovered from the hack and another $100 000 taken from a contingency fund.
Commenting on the new incident, the team noted that $5,98 million has been withdrawn from the Arbitrum-based Delta Prime Blue protocol. The reasons for the key leak are currently being ascertained. In turn, the DeltaPrime Red protocol on the Avalanche network was not affected.
“The risk is contained, we’re working on asset-retrieval and the insurance pool will cover any potential losses where possible / necessary. Additionally, we're looking into other ways to reduce user losses to a minimum,” the developers concluded.
Anonymous blockchain analyst ZachXBT, known for his investigations into hacks in the crypto industry, noted that DeltaPrime had previously hired IT professionals from North Korea.
He said that earlier this year, he warned developers against hiring employees from the sanctioned country. While DeltaPrime later assured that it had fired such employees, the potential link between the hack and North Korea remains unclear.
Analysts have previously reported that North Korean hackers have been infiltrating crypto companies under the guise of employees to gain access to insider information and conduct attacks.
Hackers from the DPRK have been implicated in several high-profile incidents in the industry, including the $235 million hack of Indian crypto exchange WazirX in August and the $20 million hack of Indonesian crypto exchange Indodax this month.
Useful material?
Telegram 
Twitter Incidents
Developers warned of potential risks to bridges across the ecosystem and asked exchanges for assistance.
Jun 22, 2026
Incidents
The defendant helped move funds stolen through investment scams and earned at least $4 million for his role in the operation.
Jun 10, 2026
Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Cryptocurrency rates
-
Bitcoin
$62 343
BTC
-3.13%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.1
XRP
-2.82%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.078413
DOGE
-5.15%
-
Zcash
$415.83
ZEC
-7.13%
-
Stellar XLM
$0.194344
XLM
-4.94%
-
Cardano
$0.149995
ADA
-5.39%
-
Polkadot
$3.32
DOT
+5.27%