Avalanche-backed borrowing protocol DeltaPrime suffers $4.5m hack

Decentralized lending protocol DeltaPrime has reportedly been hit by a multimillion-dollar hack, raising suspicions of North Korean-linked entities.

DeltaPrime (PRIME), a decentralized lending protocol backed by Avalanche and GSR Markets, was hacked for $4 million after an administrator’s private key was leaked, fuzzland co-founder Chaofan Shou said in a post on X on September 16.

While the exact circumstances behind the private key breach are not yet clear, blockchain researcher ZachXBT noted that DeltaPrime previously employed North Korean IT staff. However, the analyst stressed that all flagged personnel have been removed, leaving questions about any connection between the attack and North Korea unresolved.

Blockchain researchers at Cyvers Alerts noted in the X post that the attack targeted the protocol version published on Arbitrum, and said that the attacker converted the stolen USD Coin (USDC) to Ethereum (ETH).

“It looks like the admin lost the private key. The suspicious address is still draining pools! Pools affected so far are DPUSDC, DPARB, DPBTCb!”

Cyvers Warnings

In addition to Arbitrum, DeltaPrime also has a protocol launched on the Avalanche network, but there have been no reports on whether this protocol is also vulnerable to attacks. Following the attack, DeltaPrime’s native token PRIME fell 6% to $1. By press time, the DeltaPrime team had not made any public statements on the matter.

DeltaPrime, which first launched on the Avalanche network in January 2023, has locked over $63 million in total value and unlocked over $20 million in liquidity, according to the protocol’s official website. The protocol has raised funding from Avalanche, GSR Capital, Moonhill Capital, and Uplift, among others.