YEREVAN (CoinChapter.com) — North Korean hackers lost $458,000 in a failed Ethereum trading attempt on the decentralized platform Hyperliquid. On-chain data linked their activity to speculative trading, where a long position on Ethereum was liquidated.
North Korean Trading Transactions. Source: Hyperliquid Hackers Lose $458K in Liquidation
On-chain records show that a North Korea-linked address deposited $476,489 USDC into Hyperliquid. The hackers placed a long trade on Ethereum at $3,791.8, expecting the price to rise. However, when the price dropped to $3,251.8, the position was liquidated. This resulted in a loss of $458,000, leaving only $18,187 USDC in their wallet.
The incident, highlighted by crypto analyst tayvano_ on X, raised questions about Hyperliquid’s security. The platform operates with only four validators, prompting concerns about potential vulnerabilities in its infrastructure.
Hyperliquid Loss Breakdown. Source. Tayvano Hyperliquid’s Four Validators Face Scrutiny
The validators are responsible for securing transactions and assets within Hyperliquid. Crypto developer Cygaar noted that the Hyperliquid bridge currently holds $2.3 billion USDC. With a two-thirds quorum requirement, only three compromised validators would be enough for hackers to execute unauthorized withdrawals.
Hyperliquid Validator Risks. Source: Cygaar
Despite recently reaching a total value locked (TVL) of $22 billion, Hyperliquid’s reliance on a limited number of validators has drawn scrutiny. Some in the crypto community view this as a significant security risk, especially with the increasing sophistication of hacking operations.
The hackers’ losses also reflect broader suspicious activity. Over the past week, North Korean-linked addresses have collectively lost more than $700,000 on Hyperliquid. Analysts believe this activity could signal tests for larger hacking attempts.
Proposed Measures to Protect Funds
Experts pointed out potential defenses, including the role of Circle, the issuer of USDC. Circle has the ability to blacklist addresses linked to hackers, preventing the movement of stolen funds. Additionally, Hyperliquid is secured by the Arbitrum chain, which is governed by a 9/12 multi-signature council. This council has the authority to roll back transactions during emergencies.
However, the use of rollbacks remains controversial, as it challenges blockchain’s core principle of decentralization. In past cases, similar proposals met with resistance within the crypto community. Despite these defenses, the hackers’ activity has highlighted the platform’s vulnerabilities.
