Trusted

Hyperliquid Denies Indicators of a North Korean Hack, Despite On-Chain Evidence

3 mins
Updated by Mohammad Shahid
Join our Trading Community on Telegram

In Brief

  • Hyperliquid denies any security breach by the Lazarus Group despite evidence showing suspicious deposits and withdrawals of ETH.
  • Security expert Taylor Monahan highlights significant vulnerabilities in Hyperliquid's system and warns of potential exploitation.
  • Lazarus Group, linked to major crypto heists, has shown increased interest in Hyperliquid, raising concerns of an imminent attack.
  • promo

Hyperliquid denies being hacked by North Korea’s Lazarus Group, despite on-chain data showing evidence of large-scale fund withdrawals. On-chain data reportedly shows that North Korea-linked wallet addresses collectively deposited and withdrew substantial amounts of ETH from the platform on December 23.

Taylor Monahan, a security expert at Metamask, warned that the hackers do not need to meddle with user funds to breach security and identified clear vulnerabilities in Hyperliquid’s system.

Hyperliquid: Lazarus’ Next Target?

Hyperliquid, a decentralized exchange, officially responded to its critics via Discord. Rumors of a North Korean hack have been circulating today, leading users to withdraw $60 million from the platform. The exchange’s HYPE token was already falling before this recent development, prompting official accounts to conduct damage control

“There has been no DPRK exploit- or any exploit for that matter- of Hyperliquid. All user funds are acounted for. Hyperliquid Labs takes OpSec seriously. No Vulnerabilities have been shared by any party. To be clear, there was never any allegation of any exploit on Hyperliquid,” one of the platform’s exeutives posted on Discord.

Hyperliquid has yet to provide any public statements or announcements to publicly explain the accusations. Instead, on-chain data reveals that Lazarus-linked accounts deposited $476,489 in ETH tokens onto Hyperliquid before subsequently withdrawing them.

While these are not concrete signs of an exploit, they do raise questions about why the platform is seeing such a large volume of outflow from suspicious wallet addresses in a single day.

Lazarus Group Places Funds on Hyperliquid
Lazarus Group Places Funds on Hyperliquid. Source: LookOnChain

However, MetaMask security expert Taylor Monahan strenuously urged greater caution. The crypto industry is well aware of the severity of any incident linked to the infamous Lazarus Group. Therefore, Hyperliquid should take its threats very seriously, according to the security expert.

North Korean Hackers Continue to be a Nightmare

The US government believes that Lazarus stole nearly $900 million. Overall, North Korean hackers have been behind some of the biggest crypto hacks of 2024. In fact, DPRK-based actors were behind the critical Radiant Capital hack earlier this year, which involved breaching the platfroms sophisticated multisig wallet authentication.

The speculation that similar entities could be showing interest in Hyperliquid is extremely concerning.

“I am quite concerned that you guys are at increased risk due to the fact that we know that these specific threat actors are now intimately familiar with your platform. I really want to emphasize that these are the most sophisticated and rapidly evolving of all the DPRK threat groups. They are very creative and persistent,” Monahan claimed.

Monahan went on to state that the exchange’s evasive and defiant attitude was a very worrying sign. Even if Lazarus hasn’t disturbed any of the funds on Hyperliquid, it may have already penetrated its security.

The Metamask security expert also stated that the firm had no more than 4 validators, all of which run the same code, and an unknown number of higher-ups can bypass key security vulnerabilities.

In short, if founders, executives, and engineers use the same devices to access the same systems, then one malware link could unravel the whole operation. Lateral movement is one of the key strategies of North Korean hackers, where they leverage multiple access points to move through a network.

So, if one high-level person’s private device gets compromised, a major hack becomes inevitable. However, as of now, Hyperliquid does not seem stressed about these accusations.

🎄Top crypto platforms | December 2024
Phemex Phemex Explore
BYDFi BYDFi No KYC
Margex Margex Explore
BingX BingX Explore
Сoinex Сoinex Explore
🎄Top crypto platforms | December 2024
Phemex Phemex Explore
BYDFi BYDFi No KYC
Margex Margex Explore
BingX BingX Explore
Сoinex Сoinex Explore
🎄Top crypto platforms | December 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

image-10-1.png
Landon Manning
Landon Manning is a journalist at BeInCrypto, covering a wide range of topics, including international regulation, blockchain technology, market analysis, and Bitcoin. Previously, Landon spent six years as a writer with Bitcoin Magazine and co-authored a Bitcoin maximalist newsletter with 30,000 subscribers. Landon holds a Bachelor of Arts in Philosophy from Sewanee: The University of the South.
READ FULL BIO
Sponsored
Sponsored