North Korean Hackers Withdraw $60 Million In U.S. Digital Assets!

HyperLiquid, a decentralized leveraged trading platform, faces scrutiny as $60 million in USDC withdrawals are linked to North Korean hackers, raising concerns about potential vulnerabilities and future attacks.

At a Glance

  • HyperLiquid’s total value locked (TVL) dropped by over $1 billion in the past week
  • $60 million in USDC was withdrawn from the platform, linked to North Korean hackers
  • The platform’s native token, HYPE, fell 20% in 24 hours
  • HyperLiquid’s blockchain has only 4 validators, potentially increasing vulnerability
  • Despite concerns, HyperLiquid remains the largest on-chain perpetual trading platform

North Korean Hackers Target HyperLiquid

HyperLiquid, a prominent decentralized leveraged trading platform, has come under intense scrutiny following a significant withdrawal of $60 million in USDC. The transaction has been traced to wallet addresses associated with North Korean hackers, sparking fears of a potential large-scale attack on the platform.

Are they stealing assets, now?

The platform’s total value locked (TVL) has plummeted by over $1 billion in the past week, dropping from $3.45 billion on December 17 to $2.25 billion. This 35% decrease has sent shockwaves through the cryptocurrency community, raising questions about the platform’s security measures and overall stability.

Security Concerns and Potential Vulnerabilities

Web3 security expert Talor Monahan has identified a surge in transactions from North Korea-linked addresses, indicating potential targeted attacks on the platform. “North Korean hackers have been testing Hyperliquid’s platform by conducting a series of transactions that resulted in losses of approximately $701,000,” Monahan said.

“DPRK doesn’t trade. DPRK tests,” Tay, another security expert, warned.

Of particular concern is HyperLiquid’s Layer-1 blockchain, which operates with only four validators. This limited number of validators could potentially make the platform more vulnerable to attacks, especially if hackers exploit unknown software vulnerabilities, commonly referred to as “0 days.”

The recent security concerns have had a significant impact on HyperLiquid’s performance. The platform’s native token, HYPE, experienced a sharp 20% decline in value over a 24-hour period. This drop has rattled investors and raised questions about the long-term viability of the platform.

“This represents 3% of the platform’s bridged TVL,” Tom Wan noted, referring to the $70 million USDC withdrawal.

Despite these challenges, HyperLiquid remains the largest on-chain perpetual trading platform, boasting 271,000 users and a total deposit volume of $12.14 billion. The platform’s daily trading volume stands at an impressive $6.20 billion, highlighting its significant role in the cryptocurrency ecosystem.

The Broader Threat of North Korean Hackers

The incident at HyperLiquid is part of a larger trend of North Korean hacking activities targeting cryptocurrency platforms. A recent Chainalysis report revealed that North Korean hackers stole a staggering $1.34 billion in 2024, a significant increase from $660 million in 2023. This escalation in cyber theft underscores the growing threat posed by state-sponsored hacking groups to the cryptocurrency industry.

As investigations into the HyperLiquid incident continue, the cryptocurrency community remains on high alert. The potential for larger, more damaging operations looms, highlighting the need for enhanced security measures and vigilance across the entire blockchain ecosystem.