Millions of USDC has been moved from Hyperliquid, a decentralized layer 1 exchange that bridges to Arbitrum, a layer 2 network built on Ethereum. This is coming off the back of a series of posts on X (formerly Twitter) by one of the leading voices in crypto security, Tayvano, also known as Tay, who raised concerns about the activities of hackers linked to the Democratic People’s Republic of Korea (DPRK) on the Hyperliquid bridge.
Tayvano’s post referenced some addresses linked to DPRK hackers who lost over $700,000 in trading on Hyperliquid. The alarm seems to have triggered major FUD in the Hyperliquid community, leading to a movement of over $114 million in USDC from the platform.
According to Tayvano, the loss of $700,000 from those trading addresses wasn’t a mistake but a test to check for vulnerabilities on the platform. She said, “Yall, DPRK doesn’t trade. DPRK tests.”
This isn’t the kind of news Hyperliquid expects after it recently recorded over $13 billion in a 24-hour trading volume thanks to increased trading activities on its platform fueled majorly by its airdrop event, which happened less than a month ago. Ironically, its liquidity could also be why it popped up on the hackers’ radar.
It’s worth noting that this isn’t the first time Tayvano has called the attention of the Hyperliquid team to the activities of North Korean hackers on its trading platform. Tay raised an alarm two weeks ago and offered to work with the Hyperliquid team to mitigate the risks DPRK hackers may pose to the platform.
A trail of losses due to the Hyperliquid FUD
As of this writing, Hyperliquid hasn’t released any comments, and its token, HYPE, is currently down by over 20%. Two major whales are liquidating close to $4 million of their assets.
According to Entropy Advisors on X, Hyperliquid has four validators, and if three of these four validators are compromised, it can lead to a loss of $2.2 billion in USDC across the bridge.
While this hasn’t happened yet and may never happen, the prospect hasn’t helped quell the ongoing FUD as it calls into question the security of the Hyperliquid platform. It also presents an ongoing issue for bridges in general.
Blockchain bridges like Hyperliquid have been touted as the future of on-chain transactions; however, these bridges have been known to be relatively vulnerable to hacks. They account for over 31% of the total value of funds lost to hacks, according to Defillama.
Popular bridge hacks such as the Ronin, Binance, and Nomad bridge hacks have resulted in the loss of hundreds of millions. Orbit chain, socket and ALEX bridge are the most recent bridges to suffer hacks and lose millions as a result of cross-chain vulnerabilities that exist on bridges.
False alarm or sound advice
The alert Tayvano raised has brought other players in the blockchain security space with opposing views into the conversation.
Some professionals are advising the Hyperliquid team to look into the concerns Tayvano raised. The other side of the argument has referred to her as a prophet of doom who is deliberately trying to undermine the Hyperliquid team and cause FUD because the team won’t work with her.
An X user (@PixOnChain) observing the impact of Tayvano’s post on users mentioned that the fear of a potential hack has led to the loss of over $2 billion off Hyperliquid’s market cap. The X user added that continuous education, collaboration, and strengthened security will help defend against FUDs.
In a now-deleted post on X, Jared Grey, the “head chef” at Sushi Labs, while admitting his respect for Tayvano wrote that he believes that having an open forum to address claims of security issues on any protocol should be encouraged. He believes addressing these issues without generating FUD among users is easy and with the right coordination, attacks will be reduced.
DPRK government-sponsored hackers are at the forefront of crypto hacks, accounting for the majority of the crypto thefts recorded. They are reported to have raked in over $1.34 billion from doing that this year alone.
These hackers are known to carry out large-scale and small-scale operations, leading to intensified efforts by the US and other governments to clamp down on their activities. The campaign to crack down on these bad actors has led to increased sophistication in North Korean hacker operations, who also invent creative ways of gaining unauthorized access into crypto circles, including as staff members.
Read the full article here
Discussion about this post