Security researchers reported that a significant breach occurred when a hacker compromised DeltaPrime's admin proxy, diverting it to a malicious contract and resulting in over $6 million being drained from wallets. This incident highlights the critical importance of safeguarding private keys within blockchain projects.
As detailed by Fuzzland founder Chaofan Shou, the malicious activity started when a hacker took control of the admin proxy 0xx40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb, subsequently redirecting it to a harmful contract. This crucial intermediary's vulnerability allowed the attacker to exploit the system, leading to devastating financial losses.
The exploit specifically affected the Arbitrum version of DeltaPrime, while the Avalanche counterpart remained untouched. This situation illustrates not just the risk of private key leaks but also the differing impacts that such vulnerabilities can have across various blockchain environments.
Cyvers, the security firm investigating the incident, asserted their findings of 'multiple suspicious transactions' and expressed concern regarding the admin's lost private key. They highlighted that affected liquidity pools included those holding USDC, ARB, and BTC, imposing serious implications for investors.
Collection
[
|
...
]