Hyperliquid Token Plunges 21% Amid Fears
of Looming
North Korea• Корейская Народно-Демократическая Республика (КНДР) Hack
Hyperliquid Token Plunges 21% Amid Fears of Looming North Korea• Корейская Народно-Демократическая Республика (КНДР) Hack
Are North Korean hackers snooping for vulnerabilities around buzzy DeFi
platform Hyperliquid? Security researchers say yes, but Hyperliquid Labs and
HYPE holders are pushing back.
By Sander Lutz
Dec 23, 2024 Dec 23, 2024
4 min read
Image: ozrimoz/Shutterstock
Create an account to save your articles.
Decrypt’s Art, Fashion, and Entertainment Hub.
Discover SCENE
North Korean hackers are reportedly kicking the tires on one of crypto’s
hottest, newest, multi-billion dollar crypto projects—and the development is
causing panic.
A crypto wallet associated with a North Korean hacking group recently lost
nearly $500,000 on Hyperliquid, according to MetaMask’s Taylor Monahan—a noted
on-chain sleuth and tracker of North Korean crypto activity.
Per Monahan’s X post on Sunday, that activity was almost certainly a ploy to
better understand Hyperliquid and pinpoint potential security weaknesses.
Hyperliquid is a DeFi, or decentralized finance project that runs on its own
high-speed blockchain• Информационные технологии » Информационно-коммуникационные технологии » Информационные технологии и телекоммуникации » Базы данных » Публичная база транзакций » Блокчейн
• Высокие технологии » Информационные технологии и телекоммуникации » Базы данных » Публичная база транзакций » Блокчейн—which itself was built on top of Arbitrum , a popular
Ethereum• Экономика » Финансы » Платежные средства » Платежные системы интернета » Криптовалюта » Ethereum layer-2 network.
Late last month, Hyperliquid launched a native token via a $1.6 billion
airdrop for users. The token, HYPE, has since exploded in value, peaking at a
market capitalization of more than $11 billion over the weekend.
But according to blockchain• Информационные технологии » Информационно-коммуникационные технологии » Информационные технологии и телекоммуникации » Базы данных » Публичная база транзакций » Блокчейн
• Высокие технологии » Информационные технологии и телекоммуникации » Базы данных » Публичная база транзакций » Блокчейн experts, Hyperliquid—an upstart project launched
by a handful of developers—posseses a number of critical security
vulnerabilities that make it a perfect target for North Korea• Корейская Народно-Демократическая Республика (КНДР)’s imposing
hacking capabilities.
Because it was built quickly to prioritize transaction speed, Hyperliquid runs
on just four validators, and MetaMask’s Monahan said she has reason to believe
these validators are also operated from devices that Hyperliquid’s founders
use to access social media, video calls, and other personal functions.
I would feel better if it took more than a single line of code to get a
backdoor into all 4 validators.
— Tay ð (@tayvano_) December 23, 2024
Were employees to click on a deceptive email• Коммуникации » Интернет-коммуникации » Электронная почта or message, it could give control
of the network and its billions of dollars over to hackers, Monahan said—if
the hackers haven’t already secretly gained such control.
“If I was the dude managing Hyperliquid’s four validators," Monahan wrote in
an X post , "I would be shitting my pants right now."
Billions of dollars on a bridge ✅
Move fast growth at all costs dev culture ✅
Limited validator set, likely with similar security protocols and key people ✅
DPRK• Корейская Народно-Демократическая Республика (КНДР) target acquired ð¯
— wholistic (@wholisticguy) December 22, 2024
North Korea• Корейская Народно-Демократическая Республика (КНДР)’s crypto hacking teams have developed extremely sophisticated
methods to infiltrate digital accounts in recent years. This year alone, those
tactics netted the nation some $1.3 billion .
While some developers in the crypto community echoed Monahan’s warnings on
Monday, other crypto users dismissed them as a “psyop” designed to harm
Hyperliquid’s reputation. Hyperliquid’s own founders do not yet appear to have
taken Monahan up on an offer to review the project’s security standards for
free.
I worked directly on DPRK• Корейская Народно-Демократическая Республика (КНДР)'s biggest bridge hack ever (Ronin), helped
track BSC• Телекоммуникации и связь » Радио » Радиосвязь » Сотовая связь » TDMA » GPRS
• Телекоммуникации и связь » Телефонная связь » Сотовая связь » TDMA » GPRS bridge hackers off-chain, and was at Apple in the security team at
the time of the Pegasus spyware so I consider myself somewhat of an expert
here.
I'd recommend the @HyperliquidX team to do the… https://t.co/y0aqUAqWJb
— Nass Eddequiouaq (@nassyweazy) December 23, 2024
Neither the Hyperliquid team nor Monahan immediately responded to Decrypt ’s
requests for comment. On Monday morning, however, Hyperliquid Labs pushed back
against reports of system vulnerabilities on Discord, attempting to calm the
protocol’s user base.
“There has been no DPRK• Корейская Народно-Демократическая Республика (КНДР) exploit—or any exploit for that matter—of
Hyperliquid,” the company said. “All user funds are accounted for.”
That reassurance didn’t calm other experts. Nassim Eddequiouaq, a crypto
developer who previously led Andreessen Horowitz’s crypto information security
team, said on Monday that his “gut instinct" is that North Korean hackers are
already inside Hyplerliquid’s infrastructure, learning how to make an exploit
of the system maximally effective.
Eddequiouaq said in an X post that he’d be happy to get on a call with the
Hyperliquid team, but that speaking directly with Monahan—a foremost expert on
North Korean crypto hacks—would be most effective.
The market appears to have made its mind up on the matter. On Sunday night,
HYPE’s price crashed nearly 23% in a matter of minutes. The token sits at
$26.50 as of this writing, down nearly 21% since hitting a new peak price on
Saturday.
Monday also has already seen, by far, the largest net outflow of funds from
Hyperliquid in the project’s history. Some $211 million in USDC has already
fled the platform today, according to on-chain data curated by Dune , out of
just over $2 billion total.
Edited by Andrew Hayward
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a
podcast, videos and more.
STARTTEXT
Your Email• Коммуникации » Интернет-коммуникации » Электронная почта
Get it!
Get it!
Your gateway into the world of Web3
Partner
News
Deep Dives
University
Coins
Videos
Event Calendar
Podcasts
News Explorer
Bitcoin Halving
About
Team
Disclosures
Manifesto
Terms of Service
Code of Conduct
1000x Member Terms of Service
Privacy Policy
Contact
Careers
Jobs
Shop