{"id":18481,"date":"2024-11-11T15:51:43","date_gmt":"2024-11-11T13:51:43","guid":{"rendered":"https:\/\/forklog.com\/en\/deltaprime-suffers-4-8-million-theft-in-arb-and-avax-tokens\/"},"modified":"2024-11-11T15:51:43","modified_gmt":"2024-11-11T13:51:43","slug":"deltaprime-suffers-4-8-million-theft-in-arb-and-avax-tokens","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/deltaprime-suffers-4-8-million-theft-in-arb-and-avax-tokens\/","title":{"rendered":"DeltaPrime Suffers $4.8 Million Theft in ARB and AVAX Tokens"},"content":{"rendered":"<p>On November 11, the DeFi liquidity protocol DeltaPrime fell victim to a hack, resulting in the loss of Arbitrum (ARB) and Avalanche (AVAX) tokens valued at $4.75 million. Users have been advised to revoke permissions for active smart contracts.<\/p>\n<p>According to analysts at PeckShield, the exploit occurred due to a lack of input validation when claiming rewards.<\/p>\n<p>Specifically, the hacker used a malicious variable to replace the collateral asset with the reward. This allowed the theft of the initial collateral for borrowing funds, leaving the debt unpaid.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Today&#8217;s <a href=\"https:\/\/twitter.com\/DeltaPrimeDefi?ref_src=twsrc%5Etfw\">@DeltaPrimeDefi<\/a> exploit leads to $4.8m loss. Since affected pools are now paused, we share our initial analysis below.<\/p>\n<p>The exploit is made possible due to the lack of input validation in claiming possible rewards. Specifically, the exploiter provides an evil pair in\u2026 <a href=\"https:\/\/t.co\/PH0yk9G3kP\">https:\/\/t.co\/PH0yk9G3kP<\/a> <a href=\"https:\/\/t.co\/upJVlJcVrL\">pic.twitter.com\/upJVlJcVrL<\/a><\/p>\n<p>\u2014 PeckShield Inc. 
(@peckshield) <a href=\"https:\/\/twitter.com\/peckshield\/status\/1855910524460159197?ref_src=twsrc%5Etfw\">November 11, 2024<\/a><\/p><\/blockquote>\n<p>Researchers also noted that the perpetrator added liquidity amounting to ~$1.3 million to the DeFi platform LFJ (formerly Trader Joe) and farmed USDC worth ~$600,000 via the cross-chain bridge Stargate.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">DeltaPrime <a href=\"https:\/\/twitter.com\/DeltaPrimeDefi?ref_src=twsrc%5Etfw\">@DeltaPrimeDefi<\/a> has been exploited for ~$4.8M worth of crypto on both <a href=\"https:\/\/twitter.com\/hashtag\/ARB?src=hash&#038;ref_src=twsrc%5Etfw\">#ARB<\/a> &#038; <a href=\"https:\/\/twitter.com\/hashtag\/AVAX?src=hash&#038;ref_src=twsrc%5Etfw\">#AVAX<\/a>. <br \/>The exploiter has added liquidity (~$1.3M) to <a href=\"https:\/\/twitter.com\/hashtag\/LFJ?src=hash&#038;ref_src=twsrc%5Etfw\">#LFJ<\/a> (formerly Trader Joe) &#038; farmed <a href=\"https:\/\/twitter.com\/search?q=%24USDC&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$USDC<\/a> on <a href=\"https:\/\/twitter.com\/hashtag\/Stargate?src=hash&#038;ref_src=twsrc%5Etfw\">#Stargate<\/a> <a href=\"https:\/\/t.co\/IYKs6CujlA\">pic.twitter.com\/IYKs6CujlA<\/a><\/p>\n<p>\u2014 PeckShield Inc. 
(@peckshield) <a href=\"https:\/\/twitter.com\/peckshield\/status\/1855900790063607929?ref_src=twsrc%5Etfw\">November 11, 2024<\/a><\/p><\/blockquote>\n<p>DeltaPrime confirmed the incident and has suspended operations on the Arbitrum and Avalanche networks.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">DeltaPrime was just exploited on Avalanche and Arbitrum for a total of (initial estimate) $4.75mm.<\/p>\n<p>With the protocol being paused on both chains, the risk is contained. We will provide updates asap.<\/p>\n<p>\u2014 DeltaPrime (@DeltaPrimeDefi) <a href=\"https:\/\/twitter.com\/DeltaPrimeDefi\/status\/1855899502944903195?ref_src=twsrc%5Etfw\">November 11, 2024<\/a><\/p><\/blockquote>\n<p>To prevent further losses, users are advised to revoke approval of active contracts using the Revoke service.<\/p>\n<p>This marks the second hack of DeltaPrime this autumn. In September, a private key leak on the Arbitrum network led to a $6 million theft. Analyst ZachXBT speculated that North Korean hackers, posing as Canadian and Japanese citizens, were once part of the DeltaPrime team.<\/p>\n<p>As reported by PeckShield, in October, the crypto industry suffered losses of ~$88.47 million due to 20 hacking incidents.<\/p>\n<p>The largest incident last month was the hack of the lending protocol Radiant Capital, resulting in a $53 million loss.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On November 11, the DeFi liquidity protocol DeltaPrime fell victim to a hack, resulting in the loss of Arbitrum (ARB) and Avalanche (AVAX) tokens valued at $4.75 million. Users have been advised to revoke permissions for active smart contracts. 
According to analysts at PeckShield, the exploit occurred due to a lack of input validation when [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":18480,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,1093,1001,1424],"class_list":["post-18481","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-defi","tag-liquidity","tag-protocols"],"aioseo_notices":[],"amp_enabled":true,"views":"28","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/18481","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=18481"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/18481\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/18480"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=18481"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=18481"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=18481"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}