DeltaPrime, a decentralized finance (DeFi) borrowing and lending platform, has set a firm deadline for the hacker responsible for the $4.8 million breach on November 11. The protocol demands the attacker engage in a dialogue regarding the recovery of the stolen funds by 8 AM CET on November 14, or face potential legal consequences.
In a public post on X (formerly Twitter) on November 13, DeltaPrime co-founder Gavin Hasselbaink warned the attacker that failure to respond would lead to legal action and the pursuit of their true identity. “As I am sure you know, we have several leads on your real identity, and at some point, we will have to pursue these in order to retrieve the user funds,” Hasselbaink stated.
Hacker Ignored Initial Communication
Following the hack, DeltaPrime attempted to contact the attacker through an on-chain message, urging them to engage in discussions about returning the stolen funds. However, the attacker either ignored the message or chose not to respond, according to Hasselbaink.
DeltaPrime emphasized in its message that the primary goal is to retrieve the stolen funds securely and efficiently, while also offering the hacker assurances of anonymity, noting that the protocol had previously worked with attackers in the past who voluntarily returned stolen funds.
“We prioritize safe fund retrieval,” DeltaPrime said, reaffirming its commitment to resolving the issue amicably if possible.
Deadline Set for Negotiation
DeltaPrime has made it clear that November 14 is the final deadline for the hacker to enter negotiations regarding the recovery of the $4.8 million. If no communication is received by that time, the protocol will no longer consider the breach a “white-hat” hack (one conducted for ethical reasons), and the situation will be escalated, including the pursuit of legal action.
This attack marks the second time DeltaPrime has been targeted by hackers. The first incident occurred in September, when the protocol lost $6 million due to a vulnerability in the security of its private keys, which were exploited to drain the funds from its contract.
Speculation on the Attacker’s Identity
Blockchain investigator ZachXBT previously raised concerns about the potential involvement of North Korean IT workers in the earlier attack. DeltaPrime had employed individuals with ties to North Korea, but the company has since removed all flagged personnel. While the connection between the current attack and North Korea remains unconfirmed, the unresolved speculation continues to cast a shadow over the protocol.
DeltaPrime’s ongoing efforts to recover the stolen funds highlight the growing concerns over security in the DeFi space, with hackers continuing to target vulnerabilities in decentralized protocols. The outcome of this latest incident will likely have significant implications for how the DeFi community addresses security and responds to future breaches.
