DeFi platform DeltaPrime has reportedly suffered another major security breach, with hackers draining $4.75 million in tokens from its liquidity pools on the Arbitrum and Avalanche networks.
According to blockchain forensic platform PeckShield, the attacker exploited a vulnerability in the protocol’s periphery adaptor contract, a weakness that enabled unauthorized access to its funds. Blockchain security analysts at CertiK have also confirmed that the stolen funds are now held at a wallet address unlinked to the protocol.
The DeltaPrime team has acknowledged the incident and stated that the protocol’s operation has been paused on both networks. They stated that they would provide more updates as they investigate the issue, but the “risk is contained.”
DeltaPrime was just exploited on Avalanche and Arbitrum for a total of (initial estimate) $4.75mm.
With the protocol being paused on both chains, the risk is contained. We will provide updates asap.
— DeltaPrime (@DeltaPrimeDefi) November 11, 2024
This marks the second major hack against DeltaPrime this year. In September, the protocol lost $6 million in a separate attack after weak private key security allowed hackers to take control of a vulnerable contract.
DeltaPrime operates as a trustless lending protocol on Avalanche and Arbitrum, where users can deposit assets like $AVAX or $ARB into liquidity pools for others to borrow. While designed to facilitate decentralized lending, the platform’s repeated security breaches have raised concerns about the security of DeFi protocols.
The recent hack on DeltaPrime is part of a broader wave of security breaches impacting the DeFi space. In Q3 2024 alone, DeFi protocols reportedly recorded losses totalling $413 million due to hacks and exploits. Notable ones include $27 million from Penpie, $5.6 million from Truflation, $2 million from Bedrock, and the earlier $5.9 million loss by DeltaPrime. Singapore-based exchange BingX also faced a suspected hot wallet breach that resulted in a $43 million loss in the same month, according to PeckShield. The industry continues to grapple with vulnerabilities, as shown by these high-profile incidents.
Further adding to industry concerns, another recent incident occurred on Base, a Layer 2 blockchain. A security breach involving manipulated Wrapped Ether (WETH) contracts led to an approximate $1 million theft on October 25, according to another blockchain security platform, Cyvers Alerts.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”