Hackers Against DeFi In Italy: $6 Million Breach

It is Delta Prime the latest illustrious victim of the cryptocurrency industry to be hacked. The Italian decentralised finance platform, which brokers the Avalanche and Arbitrum chains, was robbed at two different times. The first was between Sunday and Monday, when it was relieved of $4.5 million, according to Cyvers, a well-known onchain security platform that is monitoring the situation.

Following this first breach, other suspicious money transfers were detected, totalling USD 5.93 million. The rather skilful hacker managed to drain the token pools one after the other.

Hackers are getting more aggressive

Hacking cryptocurrency trading platforms acts in a subtle, yet effective manner given the high success rate these operations achieve. Not more than two months ago, it was WazirX, a rather popular exchange in India, that suffered a very serious attack, which prompted the management to offer a hefty reward to anyone able to provide information on the circumstances of the attack.

In the last two days, it was the Sicilian platform's turn. In the space of some forty hours, the attackers have managed to steal a large sum of money, and it is not certain that the losses will stop at 6 million, as the site's security is now compromised and will need to be reinforced before the hacking can be declared finished.

The attack hit the heart, at the admin wallet

There are therefore further potential losses in sight, but let's try to understand what happened and how it is possible to rob so many proxy contracts in such a short time. According to Meir Dolev, CTO of Cyvers, the hacker knew where to strike. He first took control of the system administrator's e-wallet, and was thus able to trace all the addresses of the contracts deposited on the wallet and the corresponding funds. Having reached this point the hard part was done and he simply updated each position, forcing transactions to the malicious contract, created ad hoc to absorb the funds emptied by the others.

The operation resulted in the draining of all Delta Prime pools placed on the Arbitrum blockchain.

The Hackers' Success Might Inspire Emulation

The one against Delta Prime is the third hacker attack of the year. The fact that all three were successful could spur numerous other malicious cyber groups to follow suit, seriously threatening the entire industry. The main bogeyman is the North Korean group Lazarus.

The collective has not moved for some time and has been placed in a dormant state. What is feared is that it is targeting a bigger fish. The FBI, a police force that has a specialised cybercrime unit, issued an alert a few days ago, warning of the possibility that Lazarus is looking for a weakness to steal money from cryptocurrency-based ETFs. The potential reward demanded for freeing these funds, once successfully stolen, is huge, far higher than what the various Delta Prime or WazirX could offer. Many investors who have moved into exchange traded funds are in fact very wealthy players. Most of them are funds or capital management companies, some of the world's largest.

Don't miss any breaking news on the world of Web3 and cryptocurrencies, subscribe to the Spaziocrypto Newsletter.