DeltaPrime sets deadline for attacker to resolve $4.8m hack

Decentralized finance borrowing and lending platform DeltaPrime is setting a deadline for the attacker to start talking about receiving funds and threatening legal action.

Decentralized finance borrowing protocol DeltaPrime, which suffered a $4.8 million attack on November 11, issued an ultimatum to the attacker demanding a response by 08:00 am (CET) on November 14.

A message to the attacker (Reply by 8 a.m. on November 14)

Yesterday we sent you an on-chain message at: https://t.co/HSyGGCxqOz.

It looks like you either missed this message or decided to postpone the reply to collect more rewards in LFJ and Stargate.

We trust ourselves…

— DeltaPrime (@DeltaPrimeDefi) November 13, 2024

Protocol co-founder Gavin Hasselbaink warned in an X post on November 13 that failure to initiate dialogue would result in legal action and an investigation into the identity of the attacker.

“As you know, we have a few clues about your true identity, and at some point we will need to pursue them to recover user funds.”

Gavin Hasselbaink

Following the attack, DeltaPrime sent an on-chain message to the hacker requesting communication regarding the recovery of the stolen funds. However, Hasselbaink said the attacker either missed this message or decided to delay the response.

In a public message, Protocol emphasized that its priority was “secure fund reception,” assuring the attacker of its commitment to anonymity, citing past collaborations with other attackers who voluntarily returned stolen funds.

DeltaPrime set November 14 as the deadline for the attacker to begin negotiations regarding the $4.8 million stolen during the hack. The post states that if no communication occurs by then, the incident will no longer be considered a white hat attack and the protocol will escalate the situation.

The latest attack is the second time the protocol has been targeted by hackers, with a previous incident in September causing a loss of $6 million. At the time, attackers were exploiting weak private key security to gain control of and dump the project’s vulnerable contract.

Blockchain detective ZachXBT previously noted that DeltaPrime had previously hired North Korean IT workers. However, the analyst emphasized that all flagged personnel have been suspended and questions about any connection between the hack and North Korea remain unresolved.