DeFi app Delta Prime loses $6M after being warned of Lazarus mole


Delta Prime, a decentralized finance (DeFi) application on the Arbitrum and Avalanche blockchains, has been drained of $6 million after the private key of an administrator address was compromised.

The alarm was raised by security researcher Chaofan Shou, who also spotted last week’s draining of a recently launched token contract by a lightning-fast MEV bot. The loss was initially estimated to be $7 million before being revised down.


According to Shou, the compromised admin address on Arbitrum was used to upgrade Delta Prime’s proxy contracts to a malicious contract that “can inflate the deposited amount of the hacker on all pools.”

The incident comes a month after pseudonymous blockchain investigator ZachXBT alerted teams across the DeFi sector to their possible infiltration by developers working for the Lazarus Group of North Korean state-sponsored hackers.

Commenting on the case, ZachXBT remarked that Delta Prime was “one of the teams with the DPRK IT workers I reached out to warn (was told they were all removed).”


Delta Prime has acknowledged the loss, confirming the root cause to be a private key compromise.

The team states that the Avalanche deployment of the platform is safe and that it is currently conducting an investigation into the source of the breach. Users were also told that “the insurance pool will cover any potential losses where possible/necessary.”
