Hyperliquid at Risk? Developer Team Shrugs Off North Korean Hacking Alarm

By Prashant Jha
Edited by Insha Zia

Key Takeaways

  • Hyperliquid sees trading activity from North Korean hacker addresses.
  • On-chain observers believe this activity may signal a larger hacking operation.
  • Hyperliquid says no vulnerability has been detected, and funds are safe.

Hyperliquid, a decentralized leveraged trading platform, recently found itself at the center of a cybersecurity scare after suspicious trading activity was traced back to North Korean hacker groups.

On-chain analysts flagged a surge in transactions from known addresses, sparking concerns about a potential breach and the possibility of a coordinated, large-scale attack.

Despite the rising alarm, the platform’s developers have stepped forward to address the issue, reassuring users that while they are aware of the flagged accounts, they see no reason for concern.

Hyperliquid Dismisses Hack Concerns

Hyperliquid Labs took to Discord to downplay the recent concerns about a potential hack.

In response to reports of suspicious activity linked to addresses associated with the Democratic People’s Republic of Korea (DPRK), the firm reassured users that neither the DPRK nor any other group had compromised it.

Hyperliquid emphasized that all user funds remained secure.

“Hyperliquid Labs takes opsec seriously. No vulnerabilities have been shared by any party.”

Despite this assurance, several DeFi experts and software engineers have raised concerns about the platform’s relatively low validator count, suggesting that this could expose it to risks that Hyperliquid’s response has yet to fully address.

Is Hyperliquid at Risk of a Major Breach?

Over the past week, the DPRK-linked accounts have collectively lost more than $700,000 on the platform. While some believe these losses are part of a smokescreen, others suggest they may signal the testing of a broader hacking conspiracy.

One popular crypto influencer on X highlighted that Hyperliquid only relies on four validators for its security. If hackers were to compromise three of these validators, they could access billions in crypto funds stored in the platform’s bridge.

Cygaar, a crypto software developer, explained that the Hyperliquid bridge currently holds $2.3 billion in USDC.

Since the platform operates on a two-thirds quorum requirement for validator signatures, just three out of the four validators could authorize a withdrawal request for the entire amount, sending it to a malicious address controlled by hackers.
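The quorum arithmetic described above, worked through as an added example that is not taken from the article or from Hyperliquid's code: it computes how many validator keys must sign before a withdrawal clears a given quorum, and shows a quorum check that counts each known validator only once. It goes beyond the article's equal-weight case by allowing unequal voting weights; the validator names, the `SKEWED` weights and both function names are constructed for illustration.

```python
from fractions import Fraction


def min_keys_for_quorum(weights, threshold):
    """Fewest validator keys whose combined weight meets the quorum.

    weights: dict of validator id -> voting weight (equal weights model
    the article's four-validator case). threshold: Fraction of the total
    weight that must sign. Taking the heaviest validators first gives the
    smallest possible key count.
    """
    need = threshold * sum(weights.values())
    total, count = 0, 0
    for w in sorted(weights.values(), reverse=True):
        if total >= need:
            break
        total += w
        count += 1
    return count


def withdrawal_authorised(weights, signers, threshold):
    """Quorum check: duplicate signers and unknown ids add no weight.

    Assumes each entry in `signers` already passed signature verification.
    """
    distinct = weights.keys() & set(signers)
    signed = sum(weights[v] for v in distinct)
    return signed >= threshold * sum(weights.values())


# Constructed validator sets (names and weights are illustrative only).
BRIDGE = {f"v{i}": 1 for i in range(1, 5)}      # 4 equal validators, 2/3 quorum
COUNCIL = {f"m{i}": 1 for i in range(1, 13)}    # 12 members, 9/12 quorum
SKEWED = {"v1": 40, "v2": 30, "v3": 20, "v4": 10}  # hypothetical unequal weights

if __name__ == "__main__":
    for name, vals, thr in [("bridge 2/3", BRIDGE, Fraction(2, 3)),
                            ("council 9/12", COUNCIL, Fraction(9, 12)),
                            ("skewed 2/3", SKEWED, Fraction(2, 3))]:
        k = min_keys_for_quorum(vals, thr)
        print(f"{name}: {k} of {len(vals)} keys reach quorum")
    # A repeated signature and an unknown signer must not reach quorum.
    print(withdrawal_authorised(BRIDGE, ["v1", "v2", "v2", "x9"], Fraction(2, 3)))
```

The skewed set shows why validator count alone understates the exposure: when weight is concentrated, fewer keys than two-thirds of the validators can meet a two-thirds quorum.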

Defending Against a Potential Attack

The low number of validators poses a significant security risk, but experts have suggested ways to potentially mitigate the damage in the event of a breach.

Cygaar proposed two lines of defense that could help prevent the hackers from converting stolen assets.

The first defense involves the USDC contract issuer, Circle, which could blacklist the addresses used in the attack.

This would prevent the stolen USDC from being moved or converted into other assets, such as ETH, which is a common tactic employed by North Korean hackers.

If Circle acts swiftly, it could freeze the stolen funds and potentially return them to the Hyperliquid bridge before the hackers have a chance to launder them.

However, this approach requires rapid action to be effective, given the hackers’ tendency to use privacy protocols like Tornado Cash to obscure their movements.

The second defense mechanism involves the Arbitrum chain, which secures the Hyperliquid platform.

The Arbitrum bridge contract is protected by a 9/12 multi-signature security council, which oversees the state of the chain.

In the event of an emergency, the council has the ability to roll back transactions and alter the chain’s state to reverse any malicious activity.

However, using this rollback feature is highly controversial within the crypto community. Many see such actions as a breach of the blockchain’s core principles of decentralization.

A similar proposal was met with backlash when former Binance CEO Changpeng Zhao suggested a Bitcoin blockchain rollback after a massive hack in 2020.

Cygaar emphasized that the Arbitrum security council’s rollback power should only be used in the most extreme circumstances, given the potential for centralization concerns.

While these proposed defense mechanisms may provide some level of protection, the risk remains.

Prashant Jha

Prashant Jha is a crypto-journalist focused on the US and UK markets. His interests lie in blockchain technology and crypto adoption across emerging economies.