Hyperliquid Denies North Korean Infiltration

Reading Time: 2 minutes
  • Hyperliquid has denied being hacked despite security researchers’ findings
  • The DeFi platform said it hasn’t been compromised by North Korean hackers adding that user funds are safe
  • Security researchers, however, hold that hackers are already on the platform and are looking for potential weaknesses

DeFi platform Hyperliquid has denied claims by blockchain security researchers that it has been infiltrated by North Korean hackers. Security researchers noted that an account tied to the hackers on the DeFi platform lost roughly $500,000, which the researchers said is the attackers’ way of looking for weaknesses in the platform to maximize stolen funds. The researchers have pinpointed Hyperliquid’s low number of validators as one of the major weaknesses, something that may cause irreparable damage if hackers take control of the validators.

They Haven’t “Hacked the Money. Yet.”

MetaMask’s Taylor Monahan is among the top blockchain experts who believe the DeFi platform is already in the grip of North Korean hackers. According to Monahan, although the hackers haven’t siphoned funds from the platform, they’re preparing to do so.

Monahan noted that it’s likely that the hackers will trick the DeFi platform’s staff to click a malicious link that will install malware and give them control of all the validators. The attackers will then “steal all the money given the access they have.”

The on-chain sleuth advised the DeFi protocol to educate its staff, limit access, and monitor critical resources. According to Monahan, it’s hard for Hyperliquid to “actually know if they are [hacked] or not” because the attackers haven’t “hacked the money. Yet.”

“A Handful of Dudes” Run Hyperliquid

Monahan also disclosed that the DeFi platform is run by “a handful of dudes” which makes it harder to address all smart contract weaknesses before they’re exploited. 

Despite assuring users that their funds are safe, the protocol has experienced a mass exodus from its users with the price of its native token, HYPE, dropping by more than 20%. The incident, if true, marks a new tactic by North Korean crypto hackers to infiltrate a platform and look for weaknesses from the inside before siphoning funds. 

With Hyperliquid run by “a handful of dudes” and prioritizing speed over security, the DeFi platform is prone to having several weaknesses making it easy for hackers. 

Share