bitcoin
bitcoin

$94132.298971 USD

-1.72%

ethereum
ethereum

$3403.795732 USD

2.13%

tether
tether

$0.998811 USD

-0.01%

xrp
xrp

$2.237086 USD

1.56%

bnb
bnb

$684.593023 USD

1.65%

solana
solana

$192.390249 USD

5.12%

dogecoin
dogecoin

$0.320338 USD

1.84%

usd-coin
usd-coin

$1.000102 USD

0.00%

cardano
cardano

$0.898877 USD

0.32%

tron
tron

$0.251767 USD

0.90%

avalanche
avalanche

$39.293983 USD

6.46%

chainlink
chainlink

$24.005354 USD

3.52%

toncoin
toncoin

$5.635840 USD

3.71%

sui
sui

$4.539831 USD

5.04%

shiba-inu
shiba-inu

$0.000022 USD

2.25%

Cryptocurrency News Articles

Hyperliquid Retreats as Speculation Surges North Korean Hackers May Target Project

Dec 24, 2024 at 04:23 am

The HYPE token price has tumbled in the past two days, and some $210 million of deposits in the stablecoin USDC has flowed off the platform

Hyperliquid Retreats as Speculation Surges North Korean Hackers May Target Project

Hyperliquid, a blockchain undertaking constructed for buying and selling that ascended to the highest echelons of crypto headlines following final month’s airdrop of its new HYPE token, now seems to be beating a retreat because of speculation surging on social media that it could be within the crosshairs of North Korean hackers.  

The HYPE token value has plummeted within the final two days, and a few $210 million of deposits within the stablecoin USDC have flowed off the platform, a report-breaking day by day quantity, in keeping with a dashboard on the analytics platform Dune Analytics created by Hashed_Official. As of press time, remaining deposits stood at roughly $2.1 billion. 

Some canny opportunists have even spun up a prediction market on Polymarket for users to bet on whether the undertaking could be exploited earlier than February. Current odds point to a 14% probability of that taking place. 

The speculation was touched off as Taylor Monahan, a developer at crypto wallet provider MetaMask, shared her worries on social media. CoinDesk famous the outflows in a tale printed earlier Monday. 

Monahan indicated that wallet addresses identified as belonging to suspected North Koreans have been actively using Hyperliquid – one in every of which was liquidated on Saturday when the worth of Ethereum’s cryptocurrency, ETH, dropped, leading to a loss of about half 1,000,000 dollars.

Read More: Polygon Community to Reject Proposal for Yield on Bridged Assets, but Beef With Aave Escalates

On Sunday, Monahan posted on X a screenshot of a message she says she wrote two weeks ago to the Hyperliquid team — as evidence that she had warned them of the elevated risk.   

“I am quite concerned that you guys are at increased risk due to the fact we know that these specific threat actors are now intimately familiar with your platform,” Monahan wrote at the time, according to the screenshot. She emphasized that North Korean hackers are sophisticated, creative, and persistent.

In her recent post, Monahan shared 12 addresses she identified as likely belonging to North Koreans that are active on Hyperliquid. None of the addresses appear to be on a sanctions list administered by the U.S. Office of Foreign Assets Control, Unchained confirmed.

Monahan said she shared her concerns on X, because the Hyperliquid team had “ghosted” her, a colloquialism for not responding. 

A pseudonymous developer for the Hyperliquid project, who goes by @iliensinc, wrote in the protocol’s Discord server early Monday that, “Hyperliquid Labs is aware of reports circulating regarding activity by supposed DPRK addresses.”

“There has been no DPRK exploit – or any exploit for that matter – of Hyperliquid,” according to the post. “All user funds are accounted for.” 

Hyperliquid’s Security Set-Up

The validator set of the Hyperliquid blockchain secures the protocol’s EVM bridge, according to the protocol’s documentation. To trade on Hyperliquid, crypto users have to switch their wallet address to Arbitrum and deposit the stablecoin USDC into Hyperliquid’s bridging contract, which is less than two years old and has more than $2.1 billion at press time.

Mudit Gupta, chief information security officer at Polygon Labs, said on X, “Hyperliquid bridge is controlled by two 3-of-4 hot wallet multisigs, managed by a single binary. I’d advise them to increase this threshold and eliminate the single point of failure instead of attacking security researchers.”

Unchained was unable to confirm the details in the project’s documentation. 

Adrian Hetman, head of triaging at bug bounty platform Immunefi, told Unchained in emailed comments that, “In any case, relying primarily on a 3/4 validator setup as the main protection for their bridge is highly risky.” 

North Korean hackers previously have targeted bridge smart contracts to steal funds, notably in incidents involving the Ronin and Harmony bridges.

Some commenters on social media remarked that Monahan was spreading “FUD” – an acronym that stands for “fear, uncertainty, and doubt” – while others suggested that she was seeking attention for herself. 

Monahan said she wouldn’t have aired the criticisms without first attempting to notify the Hyperliquid team. 

“If there was any chance of them listening to me, I wouldn’t have tweeted and especially not in that way,” she wrote in a Telegram group chat with over 4,400 members. 

“I would be sh-tting my pants right now,” Monahan wrote. 

Hyperliquid’s @iliensinc said in the Discord post someone reached out to the team with security concerns but communicated using insults and profanity. “Given the level of professionalism displayed, Labs conferred instead with trusted parties,” per @iliensinc’s Discord announcement. 

Hyperliquid

News source:unchainedcrypto.com

Disclaimer:info@kdj.com

The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!

If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.

Other articles published on Dec 24, 2024