In summary
- North Korean hackers used stolen funds to test Hyperliquid, raising concerns about possible vulnerabilities.
- Hyperliquid, a DeFi project with only four validators, is facing criticism for security risks in its infrastructure.
- The HYPE token fell 21% following expert warnings and the largest net withdrawals in the protocol’s history.
North Korean hackers are reportedly testing one of the hottest new multi-billion dollar Cryptocurrency projects, causing panic.
According to MetaMask’s Taylor Monahan, a prominent North Korean on-chain researcher and cryptocurrency activity tracker, a cryptocurrency wallet associated with a North Korean hacking group recently lost nearly $500,000 in Hyperliquid.
According to Monahan’s X post on Sunday, that activity was almost certainly a ruse to better understand Hyperliquid and point out potential security weaknesses.
Hyperliquid is a DeFi, or decentralized finance, project that runs on its own high-speed Blockchain, which was built on Arbitrum, an Ethereum layer 2 network.
Late last month, Hyperliquid launched a native token via a $1.6 billion airdrop to users. The HYPE token has exploded in value since then, reaching a market capitalization of more than $11 billion over the weekend.
But according to blockchain experts, Hyperliquid, a newly launched project by a handful of developers, possesses several critical security vulnerabilities that make it a perfect target for North Korea’s imposing hacking capabilities.
Because it was built quickly to prioritize transaction speed, Hyperliquid operates with just four validators, and MetaMask’s Monahan said he has reason to believe these validators are also operated from devices that Hyperliquid’s founders use to access social media, video calls and other personal functions.
If employees clicked on a misleading email or message, it could give hackers control of the network and its billions of dollars, Monahan said, if the hackers haven’t secretly gained such control already.
“If I were the guy running Hyperliquid’s four validators,” Monahan wrote in an X post, “I’d be scared shitless right now.”
North Korean cryptocurrency hacking teams have developed extremely sophisticated methods to infiltrate digital accounts in recent years. This year alone, those tactics have earned the nation $1.3 billion.
While some developers in the crypto community repeated Monahan’s warnings on Monday, other cryptocurrency users dismissed it as a “psychological operation” designed to damage Hyperliquid’s reputation. Hyperliquid’s own founders do not yet appear to have accepted Monahan’s offer to review the project’s security standards for free.
Monahan told Decrypt that the funds that passed through Hyperliquid earlier this month, and that came to his attention, were stolen and controlled by the same team of North Korean hackers that infiltrated Radiant and Poly Network last year. Monahan added that of the numerous North Korean cryptocurrency hacking groups, known collectively as the Lazarus Group but in fact operating independently, this is the most cryptocurrency native, creative, risk-prone and successful.
The Hyperliquid team did not immediately respond to Decrypt’s requests for comment. However, on Monday morning, Hyperliquid Labs defended itself against reports of system vulnerabilities on Discord, attempting to reassure the protocol’s user base.
“There has been no DPRK exploitation, or any other exploitation, on Hyperliquid,” the company said. “All user funds are accounted for.”
That assurance did not calm other experts. Nassim Eddequiouaq, a cryptocurrency developer who previously led Andreessen Horowitz’s crypto information security team, said Monday that his “gut instinct” is that North Korean hackers are already inside Hyplerliquid’s infrastructure, learning how to exploit the system most effectively.
Eddequiouaq said in a post on
The market seems to have made up its mind on this. On Sunday night, HYPE price plummeted by almost 23% in a matter of minutes. The token sits at $26.50 at the time of writing, down nearly 21% since hitting a new peak on Saturday.
Monday has also seen by far the largest net outflow of funds from Hyperliquid in the project’s history. According to on-chain data collected by Dune, some $211 million in USDC have already left the platform today, out of a total of just over $2 billion.
Edited by Andrew Hayward
Editor’s note: This story was updated after publication to include comments from Monahan.
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
For the Latest Crypto News, Follow ©KeynoteUSA on Twitter Or Google News.
Disclaimer: Please note that the information provided on this page is for News purposes only and should not be considered investment or trading advice. ©Crypto.keynoteusa.com strongly recommends that you conduct independent research and/or consult with a qualified professional before making any investment decisions.
