DeltaPrime Blue on Arbitrum lost $5.98 million after a compromised admin address was used to upgrade proxy contracts to a malicious implementation. The attacker inflated deposit balances across pools, made 57 withdrawals, and moved USDC, WBTC and WETH into ETH while changing the proxy admin on victim contracts. REKT cites ZachXBT's note that DeltaPrime had previously been warned about DPRK IT workers, but the excerpt does not confirm Lazarus responsibility, so the incident should be tracked as a DeFi private key compromise with an unverified DPRK angle.