|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Cryptocurrency News Articles
Hyperliquid Denies Being Hacked by North Korea’s Lazarus Group, Despite On-Chain Data Showing Evidence of Large-Scale Fund Withdrawals
Dec 24, 2024 at 08:53 am
Rumors of a North Korean hack have been circulating today, leading users to withdraw $60 million from the platform.
Hyperliquid, a decentralized exchange (DEX), has denied rumors of a hack by North Korea's Lazarus Group, despite on-chain data showing large-scale fund withdrawals from suspicious wallet addresses linked to the group.
On December 23, several North Korea-linked wallet addresses reportedly deposited and withdrew substantial amounts of ETH from Hyperliquid, according to on-chain data analysis.
This activity has sparked speculation among members of the crypto community, who are closely monitoring the situation and awaiting official statements from the exchange and relevant authorities.
Meanwhile, Taylor Monahan, a security expert at Metamask, has expressed concern over the lack of clear signs of user fund manipulation by the hackers. According to Monahan, the hackers may have already breached Hyperliquid's security without directly interfering with user funds.
“The hackers do not need to touch any user funds to pwn the platform. Any party that is able to do a full technical audit of the platform will be able to identify clear vulnerabilities in the code or architecture of the platform. These should then be shared with the platform team for them to fix,” stated Monahan.
Hyperliquid yet to Address Lazarus Accusations Publicly
Rumors of the Lazarus Group targeting Hyperliquid began circulating today, prompting many users to withdraw around $60 million from the platform.
As these rumors spread, the exchange's HYPE token was already experiencing a decline, leading official accounts to attempt damage control through Discord messages.
“There has been no DPRK exploit- or any exploit for that matter- of Hyperliquid. All user funds are acounted for. Hyperliquid Labs takes OpSec seriously. No Vulnerabilities have been shared by any party. To be clear, there was never any allegation of any exploit on Hyperliquid,” posted one of the platform's executives on Discord.
While the platform executives are denying any Lazarus Group involvement and claiming that all user funds are accounted for, Hyperliquid has yet to make any public statements or announcements to address the accusations.
On the other hand, the on-chain data analysis reveals that Lazarus-linked accounts did indeed deposit $476,489 in ETH tokens onto Hyperliquid before subsequently withdrawing them.
While these movements alone may not definitively indicate an exploit, the large volume of outflow from suspicious wallet addresses in a single day is certainly raising eyebrows.
However, MetaMask security expert Taylor Monahan is urging greater caution. Given the crypto industry's familiarity with the severity of any incident linked to the infamous Lazarus Group, Hyperliquid should be taking its threats very seriously, according to the security expert
“I am quite concerned that you guys are at increased risk due to the fact that we know that these specific threat actors are now intimately familiar with your platform. I really want to emphasize that these are the most sophisticated and rapidly evolving of all the DPRK threat groups. They are very creative and persistent,” claimed Monahan.
Monahan went on to state that the exchange's evasive and defiant attitude is a very worrying sign. Even if Lazarus hasn't disturbed any of the funds on Hyperliquid, it may have already penetrated its security.
The Metamask security expert also highlighted that the firm has no more than 4 validators, all of which run the same code, and an unknown number of higher-ups who can bypass key security vulnerabilities.
“In short, if any of the founders, executives, or engineers use the same devices to access the same systems, then one malware link could unravel the whole operation. Lateral movement is one of the key strategies of North Korean hackers, where they leverage multiple access points to move through a network. So, if one high-level person's private device gets compromised, a major hack becomes inevitable. But, as of now, Hyperliquid does not seem stressed about these accusations.
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- The U.S. Securities and Exchange Commission (SEC) has taken a significant step in its regulatory scrutiny of blockchain gaming projects
- Dec 25, 2024 at 02:40 am
- The U.S. Securities and Exchange Commission (SEC) has taken a significant step in its regulatory scrutiny of blockchain gaming projects by issuing a Wells
-
- POPCAT and Bonk (BONK) Shed Market Caps as Investors Search for Better Opportunities, Funds Flow into Novel Cross-Border Protocol Remittix
- Dec 25, 2024 at 02:35 am
- Solana meme coins like POPCAT and Bonk have seen dramatic market cap losses, shedding hundreds of millions as investors search for better opportunities. Many of these funds seem to be flowing into Remittix, a novel cross-border protocol.
-
- Lucky Block Bitcoin Casino Review: Is It Legit and What to Expect?
- Dec 25, 2024 at 02:35 am
- Thinking about diving into the world of crypto gambling? Lucky Block Bitcoin Casino might just be the spot for you. It's not just a place for slots but also offers sports betting, live games, and more. But before you jump in, it's important to know if it's legit and what to expect. Let's take a closer look at how you can spend your crypto at Lucky Block and whether it's a trustworthy platform.