Crypto cybersecurity firm Cyvers has reported a security incident affecting DeltaPrime, a decentralized finance (DeFi) protocol on the Arbitrum network.
According to a tweet from Cyvers, the ongoing incident resulted in an initial estimated loss of $4.5 million—subsequently updated to $5.93 million as a “suspicious address” continued to drain funds from DeltaPrime’s liquidity pools.
The security firm stated that their system detected “multiple suspicious transactions” involving DeltaPrime on the Arbitrum (ARB) chain, adding that the protocol's administrator may have lost control of their private key private key , leading to unauthorized access to the platform's smart contracts .
Control over this key allowed the entity to update the proxy smart contract to execute the attack.
The incident has affected several of DeltaPrime's liquidity pools, including DPUSDC, DPARB, and DPBTCb. Cyvers noted that the address associated with the suspicious activity has begun converting USDC tokens to Ethereum (ETH).
The news follows mid-July reports that cross-chain DeFi protocol Li.Fi is suspected to have lost about $11 million in cryptocurrencies in an exploit. Reports at the time indicated that a wallet linked to the hack held nearly $6 million in Ethereum alongside numerous stablecoins.
In a similar early August incident, cross-chain gaming-focused bridge Ronin saw $12 million siphoned from its wallets by white-hat hackers. They subsequently contacted Ronin’s developers to arrange for the return of the funds that they had preemptively siphoned from the bridge in order to prevent a bad-faith hack.