MultiversX Tracker is Live!

Delta Prime DeFi hacker drains $6M by exploiting minting bug

CoinJournal

Cryptocoins News / CoinJournal 59 Views

  • Hacker exploited Delta Prime’s upgrade function to mint massive tokens
  • Over $6M in assets were stolen, including Bitcoin, Ether, and stablecoins
  • Attack exposes risks of upgradable contracts in decentralized finance (DeFi)

Delta Prime, a DeFi platform operating on the Arbitrum network, has fallen victim to a major cyberattack, resulting in the theft of over $6 million from its liquidity pools.

The hacker exploited a vulnerability in the platform’s token minting system.

The breach began when the attacker gained control of Delta Prime’s admin account, likely by stealing the developer’s private key.

How did the Delta Prime hack unfold?

With access to the admin wallet, the hacker used the platform’s upgrade function to modify several liquidity pool contracts. These contracts were linked to proxy addresses, a mechanism designed to allow developers to implement software upgrades.

However, instead of upgrading the software, the attacker pointed the contracts to malicious versions that allowed them to mint arbitrarily large numbers of tokens.

According to blockchain data provided by block explorer Arbiscan, the hacker initially minted over 115 duovigintillion Delta Prime USD (DPUSDC) tokens, an astronomical figure represented as 1.1*10^69 in scientific notation.

DPUSDC serves as a deposit receipt token for the USDC stablecoin, intended to be redeemed at a 1:1 ratio.

Despite minting a massive amount of DPUSDC, the hacker redeemed only $2.4 million worth of USDC.

The same exploit was applied to other deposit receipt tokens, including Delta Prime Wrapped Bitcoin (DPBTCb), Delta Prime Wrapped Ether (DPWETH), and Delta Prime Arbitrum (DPARB). The attacker minted massive quantities of these tokens and redeemed a small fraction, ultimately stealing over $6 million in assets, including Bitcoin, Ether, Arbitrum, and USDC.

Cyvers, an on-chain security platform, was one of the first to report the attack, warning that the losses were initially $4.5 million but quickly escalated as the hacker continued draining pools.

Blockchain security specialist Chaofan Shou later confirmed that the total theft had reached approximately $6 million.

This incident underscores the risks associated with upgradable contracts in the DeFi ecosystem. Although upgradable contracts allow developers to fix bugs post-deployment, they introduce a centralization risk if an admin account is compromised, as seen in the Delta Prime hack.

The attack on Delta Prime is part of a growing trend of high-profile DeFi breaches, with experts warning that future targets could include even larger institutions, such as Bitcoin exchange-traded funds (ETFs), which hold billions in digital assets.

The post Delta Prime DeFi hacker drains $6M by exploiting minting bug appeared first on CoinJournal.


Get BONUS $200 for FREE!

You can get bonuses upto $100 FREE BONUS when you:
πŸ’° Install these recommended apps:
πŸ’² SocialGood - 100% Crypto Back on Everyday Shopping
πŸ’² xPortal - The DeFi For The Next Billion
πŸ’² CryptoTab Browser - Lightweight, fast, and ready to mine!
πŸ’° Register on these recommended exchanges:
🟑 Binance🟑 Bitfinex🟑 Bitmart🟑 Bittrex🟑 Bitget
🟑 CoinEx🟑 Crypto.com🟑 Gate.io🟑 Huobi🟑 Kucoin.



Comments