Hyperliquid (HYPE) Threatened By North Korean Hackers

Hyperliquid (HYPE), a decentralized perpetual exchange (DEX) operating on its own Layer 1 blockchain, is currently grappling with significant security concerns after observing abnormal trading activities linked to North Korean hacker groups. Several addresses marked as North Korean hacker have been trading on Hyperliquid, with a total loss of more than $700,000, as first highlighted by @tayvano_, a crypto threat tracker known for his expertise in identifying risks related to North Korean cyber activities.

According to @tayvano_, the nature of these transactions suggests that they may be tests of Hyperliquid’s security systems rather than mere financial activity. He expressed his concerns through a post on X. “DPRK’s trading career is…uh….going….. tbh if I was the dude managing Hyperliquid’s 4 validators (or those fucking ghetto ass binaries on gh) I would be shitting my pants right now. Hyperliquid dudes don’t seem worried at all though so I’m sure its fine. […] DPRK doesn’t trade. DPRK tests,” he explained.

Further underscoring the urgency of the situation, @tayvano_ followed up with a strong statement about the necessity for immediate action by Hyperliquid to enhance its defenses. “My offer from 2 weeks ago still stands Hyperliquid. I’m still happy to do it async or via a call. I can even give you one of my super nice happy colleagues if you don’t like me. But a massive amount of harm will come to people if you don’t harden your ass asap,” he warned.

Hyperliquid Faces Some Serious Risks

Prithvir Jhaveri, founder and CEO of Loch, a personalized crypto portfolio analytics and intelligence platform, provided an assessment of the challenges which Hyperliquid is facing via X. Jhaveri detailed the operational security risks, highlighting the exposure due to the platform’s reliance on a minimal number of validators.

“Wallet addresses well-known to be from the North Korean hacker group Lazarus have been testing Hyperliquid. Typically, these addresses perform tests with live funds before coordinating a hack. Their preferred method of approach is phishing. HL has only 4 validators, all running the same code,” Jhaveri reported.

He also elaborated on the regulatory challenges that Hyperliquid might face. He discussed the potential for violations of US Office of Foreign Assets Control (OFAC) sanctions and Securities and Exchange Commission (SEC) regulations due to the platform’s interaction with entities from a sanctioned country and its operation as an unregistered broker, respectively.

They’re operating financial software that is being used by an OFAC-sanctioned country (DPRK). They can argue that their software is open source and non-custodial, but we’ll have to wait and watch. Moving from 4 validators to 16 could help their case,” he explained about OFAC risks.

About the SEC risks, he added: “The SEC could go after HL for operating as an unregistered broker. The good thing for HL is that the next administration’s SEC and Congress are positioned to be pro-crypto and freedom. The issue, however, is that the sponsors for this crypto lobby are directly competitive to HL. HL didn’t take any VC funding. They’re up against the big money that is economically incentivized to protect the interests of the current CEXs (Coinbase and Kraken) and L1s (Ethereum and Solana).”

The concentration of market-making activities within Hyperliquid’s own liquidity provider (HLP) is another concern Jhaveri raised, pointing out the risks associated with a centralized approach to liquidity. He warned that any significant exploit could lead to substantial financial loss for customers: “The HyperLiquid Liquidity Provider (HLP) is by far the largest MM by volume […] One bug or exploit and customer funds could vanish quickly.”

In conclusion, Jhaveri summarized the strategic position of Hyperliquid amid these challenges. “The HL team has built an incredible product. Trading perps on Hyperliquid is unparalleled in UX. However, the risks they face are not nothing. If they can overcome these, Valhalla is not far away […], but I’m struggling to see the risk-adjusted upside in bidding right now.” he concluded.

At press time, HYPE traded at $28.

Featured image created with DALL.E, chart from TradingView.com