An unprecedented outflow of funds from Hyperliquid comes after claims by cybersecurity experts that a North Korea-linked hacking group may have used the platform to test its techniques. In the past 30 hours, users have withdrawn more than $256 million, marking the largest single-day outflow of funds in the platform's history.
Transaction Analysis and Hyperliquid’s Statement
On December 23, withdrawals from Hyperliquid reached a record high of $502.71 million, while inflows stood at around $253.5 million. MetaMask security researcher Tai Monahan suggests that North Korean hackers known as Lazarus Group may have begun testing on the platform back in October.
The Hyperliquid team, in turn, has refuted these accusations, stating in its Discord channel that it is aware of the circulating reports regarding potential DPRK activity.
“We have detected no exploits or leaks on the platform. All user funds remain safe. The team added that they conduct regular system audits and are prepared to review potential vulnerabilities through a bug bounty program,” the statement said.
Community Response and Infrastructure Criticism
Monahan also noted that Hyperliquid’s security and infrastructure are largely centralized, relying on just four validators. This observation sparked a wide range of reactions from crypto experts, with supporters of Hyperliquid accusing Monahan of creating unnecessary fear.
Additionally, the platform’s native token, HYPE, was affected by the news, dropping 20% from a high of $35 to about $28.
Several developers and researchers, including Wildcat Labs co-founder Laurence Day, backed Monahan’s claims, pointing out that the presence of DPRK hackers like Lazarus always constitutes a serious threat.
Risks and Potential Countermeasures
A developer using the pseudonym Cygaar named two protective measures in the event of an attack on Hyperliquid. First, Circle, the issuer of the USDC stablecoin, could freeze suspicious addresses to prevent fund withdrawals. Second, the Arbitrum network — on which Hyperliquid operates — could theoretically roll back transactions. Day, however, called the latter approach unlikely unless the threat is deemed existential.
North Korea and Cyber Threats
Recent data indicates that North Korean hackers have stolen $1.3 billion worth of cryptocurrencies in 2024 alone, double the previous year’s total. Analysts claim these funds are used to circumvent international sanctions and finance weapons development programs.
Hyperliquid has yet to issue a detailed response to these accusations, but the situation highlights vulnerabilities in crypto platform infrastructure and the growing activity of hackers in the digital asset market.
This post is for informational purposes only and is not an ad or investment advice. Please do your own research making any decisions.
