Crypto broker DeltaPrime has reportedly suffered a second cyberattack, this time losing $4.75 million in tokens after a vulnerability was exploited on its platform. The attack targeted multiple pools on the Arbitrum network, and follows a previous breach in September that resulted in a $6 million loss. Analysts point to weaknesses in the protocol’s security as the cause, raising concerns about its safety.
Details of the Latest Attack
The most recent breach occurred on November 11, 2024, when hackers took advantage of a flaw in DeltaPrime’s periphery adaptor contract. Blockchain analysts from CertiK identified that the stolen funds are being held in a specific wallet (0x56…634c). DeltaPrime confirmed the loss, revealing that crypto assets from pools on both the Avalanche and Arbitrum networks were drained, totaling $4.75 million.
A Pattern of Vulnerabilities
This attack marks the second time in just a few months that DeltaPrime has been targeted. The first breach occurred in September 2024, when attackers exploited weak private key security to drain $6 million from the platform. The repeated breaches have raised questions about the protocol’s security measures and its ability to safeguard users’ funds. DeltaPrime has yet to address whether any internal changes or security upgrades have been made since the first incident.
Uncertainty Surrounding the Attackers
While blockchain sleuth ZachXBT previously noted that DeltaPrime had employed North Korean IT workers, no direct connection between the hack and North Korea has been proven. DeltaPrime has since removed all flagged personnel, but questions remain about the ongoing security risks the protocol faces. Despite securing funding from major players such as Avalanche, GSR Capital, and Moonhill Capital, the protocol’s future security remains in question following these repeated attacks.
