The project is offered on both Arbitrum and Avalanche blockchains. Monday’s exploit impacted only the version on Arbitrum as of European morning hours.

Over $6 million worth of various tokens from wallets belonging to on-chain brokerage DeltaPrime were drained early Monday after an apparent private key leak, security researchers said on X.

The project is offered on both Arbitrum and Avalanche blockchains. Monday’s exploit impacted only the version on Arbitrum as of European morning hours – and users could not withdraw funds (on Arbitrum) due to how the utilization of borrowing and lending works on the platform.

A hacker gained control of 0xx40e4ff9e018462ce71fa34abdfa27b8c5e2b1afb, which is the admin of proxies. Then, the hacker upgraded the proxies to point to malicious contract 0xD4CA224a176A59ed1a346FA86C3e921e01659E73, Fuzzland founder Chaofan Shou said on X.

Proxy is a contract that interacts with users and other contracts. It contains minimal logic and serves as an intermediary, but it is a key part of any application, as a compromise can mean the entire protocol is impacted.

Security firm Cyvers confirmed the exploits in a Telegram message to CoinDesk, stating tit detected “multiple suspicious transactions” involving Delta Prime and that it “seemed that admin has lost the private key.

“Affected pools so far are the #DPUSDC, #DPARB, #DPBTCb,” Cyvers said, referring to on-chain lockers holding USDC stablecoins, Arbitrum’s ARB and bitcoin (BTC).

Messages sent by Delta Prime team members on its Discord channel viewed by CoinDesk said the team was investigating and working on the issue. They did not outright confirm or announce the exploit or reveal specific details as of European morning hours.

DeltaPrime’s PRIME tokens are down 6.5% in the past 24 hours, tracking a market-wide drop led by ether (ETH).

The post Crypto Broker DeltaPrime Drained of Over $6M Amid Apparent Private Key Leak appeared first on Crypto Insider.

The source of the hack has been “found and reverted,” according to the protocol.

Hackers plundered approximately $570,000 from decentralized finance (DeFi) protocol Curve.Finance, according to a screenshot of the protocol’s wallet shared on Twitter late Tuesday.

Shortly after that announcement, the protocol’s operators said via Telegram that they found the source of the problem and fixed it. “If you have approved any contracts on Curve in the past few hours, please revoke immediately,” they said. The protocol also advised users to use curve.exchange until the propagation of curve.fi reverts to normal.

Curve.Finance is an integral part of the DeFi ecosystem due to its CRV token rewards emissions, which serve as a source of income for several other protocols.

The suspected hacker appears to have changed the domain name system (DNS) entry for the protocol, forwarding users to a fake clone and approving a malicious contract. The program’s contract remained uncompromised, however.

In response to the hack, the protocol advised users in a Telegram message to refrain from using curve.fi or curve.exchange until the protocol’s operators locate the source of the exploit.

“We are becoming aware of a potential front end issue that is approving a bad contract,” the Telegram announcement read. “For now, please do not perform any approvals or swaps. We’re trying to locate the issue, but for now, for your safety, do not use curve.fi or curve.exchange.”

The post DeFi Protocol Curve.Finance Gets Hacked and $570K Is Stolen appeared first on Crypto Insider.