Fears and Speculations as North Korea-Linked Hackers Begin Trades on Hyperliquid
Security at Risk as North Korea-Linked Hackers Target $22B DeFi Platform Hyperliquid
Hyperliquid, a decentralized trading platform, has come under intense scrutiny following suspicious trading activities allegedly linked to North Korean-backed hackers.
Over the past week, flagged accounts linked to the hackers reportedly lost more than $700,000 on Hyperliquid. Analysts speculate that these losses could be part of an elaborate scheme to breach the platform’s relatively young security.
The platform has seen rapid growth, boasting a total value locked (TVL) of $22 billion. Hyperliquid recently airdropped its token (HYPE) to over 90 thousand users rewarding many lucratively and bringing attention to their community.
Validator Reliance Raises Questions About Its Security
The platform’s reliance on just four validators has raised significant concerns in the crypto community. According to experts, compromising only three of these validators would grant any potential attackers complete control over Hyperliquid’s funds.
According to an analysis by Cygaar, a renowned crypto software developer on his X page, the platform employs a two-thirds quorum requirement for validator signatures. Consequently, an attacker needs only compromise just three validators to authorize a withdrawal of Hyperliquid’s entire balance which currently holds $2.3 billion in USDC before moving the funds to a malicious address.
Mitigating the Risk of a Potential Breach on Hyperliquid
Cygaar suggested two potential defenses for Hyperliquid to safeguard its funds from attackers.
The first line of defense involves Circle, issuers of USDC, quickly blacklisting addresses used in the attack. If done swiftly, Circle could freeze the stolen funds, preventing hackers from moving or converting them into other assets like ETH (a method commonly utilized by North Korean hackers).
Additionally, the second defense involves an extremely controversial method by the Arbitrum chain that secures Hyperliquid.
The Arbitrum bridge contract is governed by a 9/12 multi-signature security council. In emergencies, the council can vote to roll back transactions or alter the chain’s state to reverse malicious activity. While effective, this approach has drawn criticism for potentially undermining the principles of blockchain decentralization.
“This last line of defense is extremely controversial and should only be used in the most dire of situations. I really hope we do not end up in this scenario” Cygaar emphasized.
