Decentralized finance (DeFi) application Delta Prime, which operates on the Arbitrum and Avalanche networks, suffered an estimated $4.5 million hack on Monday.

This is the second incident to hit the ‘yield farm’ in less than two months, bringing combined losses to approximately $10.5 million. The serial hacker responsible also looks to be a keen ‘farmer,’ putting $2 million to work on other platforms.

Blockchain security firm Peckshield suggested that Delta Prime “may want to take a look” at a suspicious transaction in which funds were sourced via a flash loan from the Balancer protocol.

Read more: DeFi app Delta Prime loses $6M after being warned of Lazarus mole

A follow-up post identified the loss as linked to “the lack of input validation in claiming possible rewards.”

The official Delta Prime response to the incident estimates losses at $4.5 million and states that “the protocol [is] paused on both chains, the risk is contained.” Meanwhile, the project’s most recent X (formerly Twitter) thread had been an explainer on reimbursement tokens for victims of the previous hack.

According to X user yieldsandmore, the address responsible for the attack is an “experienced serial exploiter.” They also appear to be a keen DeFi user.

On Arbitrum, two addresses were identified as holding the profits from the exploit, which total approximately $700,000. However, as Peckshield notes, on Avalanche, where the majority of the funds ($4.1 million) were stolen, the exploiter is using around $2 million of the spoils to farm rewards on two DeFi protocols, LFJ (formerly Trader Joe) and Stargate.

Today’s hack comes just under two months after Delta Prime confirmed having lost $6 million to a private key compromise. Prolific blockchain investigator ZachXBT had previously warned of North Korean infiltrators in a number of DeFi projects, Delta Prime included.

To combat the threat of state-sponsored hackers working as moles within DeFi teams, some teams have resorted to a simple (but apparently effective) screening process.

Read more: North Korean hackers posing as devs exposed with ‘I Hate Kim Jong Un’ test

According to Harrison Leggio, co-founder of token launchpad g8keep and known as Pop Punk on X, challenging potential hires to type “i hate kim jong un, fuck north korea” may be enough to scare them off.

Got a tip? Send us an email or ProtonMail. For more informed news, follow us on X, Instagram, Bluesky, and Google News, or subscribe to our YouTube channel.

The post DeFi project Delta Prime hacked again — months after private key leak appeared first on Protos.

Delta Prime, a decentralized finance (DeFi) application on the Arbitrum and Avalanche blockchains, has been drained of $6 million due to a private key compromise of an administrator address.

The alarm was raised by security researcher Chaofan Shou, who also spotted last week’s draining of a recently launched token contract by a lightning-fast MEV bot. The loss was initially estimated to be $7 million before being revised down.

Read more: ‘Cryptographic performance art’ drains contract one block after launch 

According to Shou, the compromised admin address on Arbitrum was used to upgrade DeFi Prime’s proxy contracts to a malicious contract which “can inflate the deposited amount of the hacker on all pools.”

The incident comes a month after pseudonymous blockchain investigator ZachXBT alerted teams across the DeFi sector to their possible infiltration by developers working for the Lazarus Group of North Korean state-sponsored hackers.

Commenting on the case, ZachXBT remarked that DeFi Prime was “one of the teams with the DPRK IT workers I reached out to warn (was told they were all removed).”

Read more: A single malicious transaction led to $230M drained from WazirX

Delta Prime has acknowledged the loss, confirming the root cause to be a private key compromise.

The team states that the Avalanche deployment of the platform is safe and that it is currently conducting an investigation into the source of the breach. Users were also told that “the insurance pool will cover any potential losses where possible/necessary.”

Got a tip? Send us an email or ProtonMail. For more informed news, follow us on X, Instagram, Bluesky, and Google News, or subscribe to our YouTube channel.

The post DeFi app Delta Prime loses $6M after being warned of Lazarus mole appeared first on Protos.