Hyperliquid Labs Denies DPRK Hack, Confirms Funds Are Safe

Hyperliquid Labs, a decentralized perpetual futures trading platform, has strongly denied allegations of being exploited by wallets linked to North Korean hackers.

The company has assured its users that no vulnerabilities have been found and all funds remain secure, following widespread concerns about suspicious trading activity.

Reports of DPRK-Linked Wallets Spark Security Concerns

Concerns emerged after Taylor Monahan, a security expert, claimed that wallets flagged as being associated with North Korean hackers had engaged in trading on Hyperliquid’s platform.

These wallets reportedly conducted transactions involving Ethereum (ETH), leading to liquidations totaling over $700,000.

Monahan, in a statement on social media, suggested the activity could have been an attempt to probe the platform’s defenses. The activity triggered fears among users, leading to significant withdrawals of USDC from the platform. According to data from Hashed’s Dune Analytics dashboard, over $194 million in USDC was withdrawn on Monday alone.

Hyperliquid Refutes Exploit Claims

After the allegations, Hyperliquid Labs has come forward to address the issue via its Discord channel, claiming that there was no hack or exploit. ‘Hyperliquid Labs has noted the rumors circulating with regard to activity on behalf of DPRK addresses.’

To the best of the authors’ knowledge, there has been no DPRK exploit – or any exploit for that matter – of Hyperliquid. All customer funds are accounted for,” the company said.

The team also emphasized the operational security that it uphold by using strong bug bounty program and compliance with industry standard in blockchain analysis. According to Hyperliquid Labs, there has been no disclosure of any vulnerability by any security researcher or third party.

HYPE Token Volatility Stabilizes

The accusations and the subsequent market concerns resulted in the drop of Hyperliquid’s native currency, HYPE. The token fell by more than 25% from $34 on Sunday to $25 on Monday.

Nevertheless, as Hyperliquid Labs provided guarantees that user funds are safe, the price of HYPE stabilized, and at the time of writing, it was $27, as seen on DexScreener.

Despite being one of the leading providers of on-chain perpetual futures trading where it holds more than 55% of the market, Hyperliquid remains a dominant force in the DeFi space. However, regardless of the recent fluctuation in the platform’s market standing, the market position seems to have been able to win back investors.

Security Risks of Validator Infrastructure

Despite Hyperliquid dismissing the claim that there is an exploit, the platform is said to be at risk because it has only a few validators. Several crypto security experts pointed out that Hyperliquid has only four validators, which could be a problem if three of them were compromised.

A crypto developer, Cygaar, explained that Hyperliquid’s bridge on Arbitrum One currently holds $2.3 billion in USDC. Since the platform operates on a two-thirds quorum requirement, compromising three validators could allow malicious actors to access the entire amount.

To address such scenarios, experts have suggested that Circle, the issuer of USDC, could blacklist hacker-linked addresses to prevent the stolen funds from being moved or converted. Additionally, the Arbitrum multi-signature security council could roll back malicious transactions in the event of an attack. However, this option remains controversial due to concerns about centralization.

✓ Share:

Kelvin Munene Murithi

Kelvin is a distinguished writer with expertise in crypto and finance, holding a Bachelor’s degree in Actuarial Science. Known for his incisive analysis and insightful content, he possesses a strong command of English and excels in conducting thorough research and delivering timely cryptocurrency market updates.

Disclaimer: The presented content may include the personal opinion of the author and is subject to market condition. Do your market research before investing in cryptocurrencies. The author or the publication does not hold any responsibility for your personal financial loss.