North Korean hackers are reportedly kicking the tires on one of crypto’s hottest, newest, multi-billion dollar crypto projects—and the development is causing panic.
A crypto wallet associated with a North Korean hacking group recently lost nearly $500,000 on Hyperliquid, according to MetaMask’s Taylor Monahan—a noted on-chain sleuth and tracker of North Korean crypto activity.
Per Monahan’s X post on Sunday, that activity was almost certainly a ploy to better understand Hyperliquid and pinpoint potential security weaknesses.
Hyperliquid is a DeFi, or decentralized finance project that runs on its own high-speed blockchain—which itself was built on top of Arbitrum, a popular Ethereum layer-2 network.
Late last month, Hyperliquid launched a native token via a $1.6 billion airdrop for users. The token, HYPE, has since exploded in value, peaking at a market capitalization of more than $11 billion over the weekend.
But according to blockchain experts, Hyperliquid—an upstart project launched by a handful of developers—posseses a number of critical security vulnerabilities that make it a perfect target for North Korea’s imposing hacking capabilities.
Because it was built quickly to prioritize transaction speed, Hyperliquid runs on just four validators, and MetaMask’s Monahan said she has reason to believe these validators are also operated from devices that Hyperliquid’s founders use to access social media, video calls, and other personal functions.
I would feel better if it took more than a single line of code to get a backdoor into all 4 validators.
— Tay 💖 (@tayvano_) December 23, 2024
Were employees to click on a deceptive email or message, it could give control of the network and its billions of dollars over to hackers, Monahan said—if the hackers haven’t already secretly gained such control.
“If I was the dude managing Hyperliquid’s four validators,” Monahan wrote in an X post, “I would be shitting my pants right now.”
Billions of dollars on a bridge ✅
Move fast growth at all costs dev culture ✅
Limited validator set, likely with similar security protocols and key people ✅DPRK target acquired 🎯
— wholistic (@wholisticguy) December 22, 2024
North Korea’s crypto hacking teams have developed extremely sophisticated methods to infiltrate digital accounts in recent years. This year alone, those tactics netted the nation some $1.3 billion.
While some developers in the crypto community echoed Monahan’s warnings on Monday, other crypto users dismissed them as a “psyop” designed to harm Hyperliquid’s reputation. Hyperliquid’s own founders do not yet appear to have taken Monahan up on an offer to review the project’s security standards for free.
I worked directly on DPRK’s biggest bridge hack ever (Ronin), helped track BSC bridge hackers off-chain, and was at Apple in the security team at the time of the Pegasus spyware so I consider myself somewhat of an expert here.
I’d recommend the @HyperliquidX team to do the… https://t.co/y0aqUAqWJb
— Nass Eddequiouaq (@nassyweazy) December 23, 2024
Neither the Hyperliquid team nor Monahan immediately responded to Decrypt’s requests for comment. On Monday morning, however, Hyperliquid Labs pushed back against reports of system vulnerabilities on Discord, attempting to calm the protocol’s user base.
“There has been no DPRK exploit—or any exploit for that matter—of Hyperliquid,” the company said. “All user funds are accounted for.”
That reassurance didn’t calm other experts. Nassim Eddequiouaq, a crypto developer who previously led Andreessen Horowitz’s crypto information security team, said on Monday that his “gut instinct” is that North Korean hackers are already inside Hyplerliquid’s infrastructure, learning how to make an exploit of the system maximally effective.
Eddequiouaq said in an X post that he’d be happy to get on a call with the Hyperliquid team, but that speaking directly with Monahan—a foremost expert on North Korean crypto hacks—would be most effective.
The market appears to have made its mind up on the matter. On Sunday night, HYPE’s price crashed nearly 23% in a matter of minutes. The token sits at $26.50 as of this writing, down nearly 21% since hitting a new peak price on Saturday.
Monday also has already seen, by far, the largest net outflow of funds from Hyperliquid in the project’s history. Some $211 million in USDC has already fled the platform today, according to on-chain data curated by Dune, out of just over $2 billion total.
Edited by Andrew Hayward
Read the full article here