$5.93M Stolen Funds From DeltaPrime Routed to Tornado Cash

As a researcher with years of experience in the dynamic and unpredictable world of blockchain and cryptocurrencies, I find myself once again at the crossroads of innovation and vulnerability, as the DeltaPrime hack serves as yet another grim reminder of the challenges that lie within this realm.

In a significant cyber attack, the DeFi platform DeltaPrime suffered a breach, leading to the theft of approximately $6 million. The thief moved most of the stolen funds, around $5.93 million, into the Ethereum blockchain and used Tornado Cash, a well-known service for concealing cryptocurrency transactions, as a conduit.

A security firm specializing in blockchain named Cyvers identified a vulnerability on the Arbitrum network, where DeltaPrime is based. This breach appears to have been exploited by a hacker, who apparently managed to obtain an admin’s private key, thereby gaining control over various liquidity pools such as DPUSDC, DPARB, and DPBTCb.

As an analyst, I’ve noticed that the unauthorized actor rapidly exchanged the stolen USDC into Ethereum (ETH). The potential damage could escalate as this incident continues to unfold, increasing the overall loss.

The DeltaPrime team is making every effort to restore the lost funds for their users and minimize any potential losses. They have safety nets in place, like insurance, to deal with damage should it occur.

On X’s latest update, the DeltaPrime team underscored their efforts to maintain control over the current circumstances. They mentioned they are actively pursuing the recovery of assets, and when applicable, the insurance fund will compensate for any incurred damages.

In the meantime, users are currently unable to withdraw their assets from DeltaPrime’s Arbitrum version as we work diligently to address the problem.

2024-09-17 13:40

Read More