- Hackers exploited Delta Prime’s upgrade feature to mine a large amount of tokens.
- More than $6 million worth of assets were stolen, including Bitcoin, Ether, and stablecoins.
- Attack exposes risks to upgradable contracts in decentralized finance.
Delta Prime, a DeFi platform operating on the Arbitrum network, suffered a massive cyberattack when hackers exploited a vulnerability in the platform’s token minting system, resulting in over $6 million being stolen from its liquidity pools.
The breach began when attackers stole a developer’s private key and took control of Delta Prime’s administrator account.
The Delta Prime Hacking Incident Unfolds
The hacker gained access to the admin wallet and used the platform’s upgrade function to modify several liquidity pool contracts. These contracts were linked to proxy addresses, a mechanism designed to allow developers to implement software upgrades.
But instead of upgrading the software, the attackers included a malicious version of the contract that could mint arbitrarily large amounts of tokens.
According to blockchain data provided by block explorer Arbiscan, the hacker initially minted over 115 duovigintillion Delta Prime USD (DPUSDC) tokens, an astronomical number expressed in scientific notation as 1.1*10^69.
DPUSDC is used as a deposit receipt token for the USDC stablecoin and is designed to be redeemed at a 1:1 ratio.
The hacker minted a huge amount of DPUSDC, but only recovered $2.4 million worth of USDC.
The same exploit was also applied to other deposit receipt tokens, including Delta Prime Wrapped Bitcoin (DPBTCb), Delta Prime Wrapped Ether (DPWETH), and Delta Prime Arbitrum (DPARB). The attackers minted large amounts of these tokens and redeemed some of them, ultimately stealing over $6 million worth of assets, including Bitcoin, Ether, Arbitrum, and USDC.
On-chain security platform Cyvers was one of the first to report the attack, warning that the initial loss was $4.5 million but quickly grew as the hackers continued to drain funds.
🚨Notification🚨@DeltaPrimeDefi A security breach has occurred with the administrator key.
The attacker controlled the private key 0x40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb.
Then he upgraded the proxy!So far, $5.93 million has been leaked!
Want to keep your company off our notification radar? Find out… https://t.co/yOmNZJyp5l pic.twitter.com/lztFvXVmfI
— 🚨 Cyber Alerts 🚨 (@CyversAlerts) September 16, 2024
Blockchain security expert Chaofan Shaw later confirmed that the total amount stolen was around $6 million.
Delta Prime @DeltaPrimeDefi Admin private key leaked. All pools are empty. $7 million already lost. Withdraw asap! https://t.co/uNn5nZoHp3 pic.twitter.com/se3RebRjpX
— Chao Fan Shaw (@shoucccc) September 16, 2024
This incident highlights the risks associated with upgradable contracts in the DeFi ecosystem. Upgradable contracts allow developers to fix bugs after deployment, but as seen in the Delta Prime hack, they also pose a risk of centralization if admin accounts are compromised.
The Delta Prime attack is part of a growing trend of high-profile DeFi breaches, with experts warning that much larger institutions, including Bitcoin exchange-traded funds (ETFs) holding billions of dollars in digital assets, could be targeted in the future.