Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
A coordinated attack on Hyperliquid wiped almost $5 million from the protocol’s Hyperliquidity Provider (HLP) round, when an unknown trader burned $3 million in capital to manipulate the POPCAT market and trigger cascading liquidations.
Blockchain analytics company Lookonchain shared Thursday that it all started when the attacker withdrew 3 million USDC (USDC) from the OKX crypto exchange and split the funds into 19 fresh wallets. The trader then channeled assets into Hyperliquid to open more than $26 million in leveraged longs linked to HYPE, the platform’s POPCAT perpetual contract.
After that, the trader built a buy wall of $20 million near the price of $0.21. This turned out to be an artificial signal of strength that pushed the market up before the orders were canceled. When the wall collapsed, liquidity thinned out as price support disappeared.
This meant that dozens of highly leveraged positions were forced into liquidation, and HLP absorbed those losses. Hyperliquid’s turn showed a loss of $4.9 million in the aftermath, one of the biggest hits in a single event incurred by the platform since its launch.
Related: The sour crypto mood could fuel an unexpected rally this month: Santiment
Hyperliquid market manipulator burns millions ‘for plot’
While the attacker caused damage to Hyperliquid, the event revealed that the same $3 million capital of the market manipulator was completely wiped out. This suggested that the attacker’s goal was structural damage rather than profit.
The sequence represented a clear example of a trader intentionally setting fire to his own capital to shock an onchain derivatives site, exploiting its liquidity architecture and stress-testing the limitations of an automated round of liquidity providers.
The event differs from typical market manipulation incidents because the attacker did not exit the event with a profit.
Instead, the structure of the trade suggested that the purpose was to create artificial liquidity and collapse to drag the Hyperliquid back into the liquidation cascade.
Observers reacted to the move with mixed feelings. A member of the community speculated that the $3 million was covered, suggesting that the attacker had closed positions elsewhere. Another X user described the event as the “most expensive search ever”.
Another community member suggested the event was not an attack, but rather a $3 million piece of performance art. “Only in crypto, the villains burn millions for the plot,” wrote user X.
Meanwhile, a member of the community described it is like “edge degene war”, where an attacker has exploited the absorption of the automated liquidity provider.
User X said this was a reminder that perp markets without robust liquidity buffers are open season for anyone who wants to “lay money on fire”.
Hyperliquid temporarily pauses withdrawals
On Thursday, community member jconorgrogan reported that the Hyperliquid deck had signed transform withdrawals.
The developer said the contract was paused using the “emergency lock” feature, indicating that the team had initiated precautionary measures against potential tampering.
After about an hour, the developer said the platform started processing withdrawals again.
Hyperliquid has not issued any official announcements linking the POPCAT incident to the temporary freeze on withdrawals.
Magazine: If the crypto bull run is over… it’s time to buy a Ferrari: Crypto Kid
