North Korean Crypto Devs Behind DeltaPrime Attack & $5.93 M Theft

North Korean Crypto Devs Behind DeltaPrime Attack & $5.93 M Theft North Korean Crypto Devs Behind DeltaPrime Attack & $5.93 M Theft

The DeFi project DeltaPrime on the ARB chain has been attacked leading to a loss of $5.93 Million. Apparently, crypto sleuth, ZachXBT believes the North Korean crypto developers could be behind the attack.

Early today, web3 security firm Cyvers Alerts noticed suspicious transactions as it warned DeltaPrime about the matter, “Our system has detected multiple suspicious transactions involving @DeltaPrimeDefi on $ARB chain! (Still ongoing)Suspicious address still draining the pools! Affected pools so far are the #DPUSDC, #DPARB, #DPBTCb !

Suspicious address already swapped $USDC to $ETH!”

Cyvers also informed that initially only $4.5 million were lost, but since, suspicious addresses were continuing to drain the pools more funds could be stolen. So far, the stolen funds amounts to $5.93 Million.

Advertisement

Note that the project is available on both Arbitrum and Avalanche blockchains, but only the version offered on Arbitrum has been compromised. As a result, users could not withdraw funds on Arbitrum. Fuzzland founder Chaofan Shou claimed that in the early hours of Monday, a hacker got access to admin proxies, which is 0xx40e4..b1afb. Later, the hacker upgraded the proxies to point to malicious contract 0xD4C..59E73.

ZachXBT has pointed out the potential ties between DeltaPrime’s breach and a group of North Korean crypto developers that he had previosuly warned about in August. He wrote post on X, “Idk if related but they were one of the teams with the DPRK IT workers I reached out to warn (was told they were all removed).”

DeltaPrime has neither confirmed nor denied anything about the attack, however, the team was apparently investigating and working on the issue.

Advertisement

Also Read: Crypto Sleuth ZachXBT Uncovers Massive $238M Bitcoin Theft