DeFi Industry Shaken by DeltaPrime Hack Exploit Results in 48 Million Loss

In the latest incident, the lending DeFi protocol DeltaPrime has suffered a loss of $4.8 million due to an exploit involving Arbitrum (ARB) and Avalanche (AVAX). This attack marks the second major hack on DeltaPrime in the past two months, highlighting the ongoing security concerns within the protocol and the broader DeFi industry.

The hack was initially reported by PeckShield, an on-chain security firm, which stated that the attacker manipulated DeltaPrime’s “claimRewards” contract. This vulnerability allowed the attacker to engage in fraudulent activities and acquire approximately $4.8 million by exploiting a code logic loophole that bypassed crucial security controls.

According to PeckShield, the attacker deposited $1.3 million into LFJ (formerly known as Trader Joe) and invested in farming $USDC on the Stargate protocol. In response to the breach, DeltaPrime has temporarily halted its operations on the Arbitrum and Avalanche networks.

The protocol’s team has assured stakeholders that although the protocol is currently paused on both chains, the risk is contained, and they are actively investigating the issue.

This attack follows a previous incident in mid-September, where DeltaPrime lost $6 million due to the leakage of an administrator’s private keys. These consecutive breaches emphasize the ongoing security vulnerabilities within the DeltaPrime protocol and the wider DeFi ecosystem.

Cryptocurrency security experts have recently criticized the lack of protection in most DeFi protocols. They argue that vulnerabilities like the claimRewards contract exploit could have been addressed through proper code audits and checks.

While security audits provide a range of options to mitigate risks, they do not guarantee absolute safety for DeFi protocols handling substantial funds.