On September 16, 2024, DeltaPrime, a notable decentralized finance (DeFi) platform, announced a significant security breach on its Arbitrum-based protocol, DeltaPrime Blue. The cyberattack, which took place around 6:14 AM CET, resulted in the loss of approximately $5.98 million. DeltaPrime revealed that the exploit was due to a compromised private key.

However, the platform reassured users that its Avalanche-based protocol, DeltaPrime Red, remains secure, as it utilizes multisig wallets and cold storage for added protection.

The breach was initially flagged by Cyvers Alerts, a blockchain security platform that detected unusual activity involving DeltaPrime Blue's liquidity pools on the Arbitrum chain. Suspicious transactions, including the draining of pools like DPUSDC, DPARB, and DPBTCb, were reported. Within hours, the attacker had swapped large amounts of USDC for ETH, with losses initially estimated at $4.5 million before rising to nearly $6 million. Cyvers confirmed that the attacker gained control over DeltaPrime's admin wallet private key, enabling them to alter proxy contracts and redirect them for malicious purposes.

In response, DeltaPrime announced efforts to recover the stolen assets and ensure user losses are minimized. The platform's insurance pool is expected to cover losses where possible, and the team is actively investigating the incident. DeltaPrime is providing ongoing updates through social media and Discord, keeping the community informed as they work to address the breach and prevent future vulnerabilities.