Key Highlights
- ZachXBP has spotted a fake Hyperliquid app on the Google Play Store, raising a warning about a potential scam
- While Hyperliquid is growing rapidly, scammers are continuously targeting its users with new tricks
On November 7, the on-chain sleuth, ZachXBT, raised a fresh warning after spotting a fake Hyperliquid application on Google Play Store.
(Source: ZachXBT on Telegram)
While Hyperliquid is gradually advancing its position in the leaderboard of top decentralized exchanges, scammers are continuously exploring ways to target its users.
Hyperliquid’s Rise Being Targeted by Scammers
Since its launch in late 2023, Hyperliquid has rapidly grown to over $4.74 billion in total value locked (TVL). However, its rapid rise is also facing huge challenges from malicious actors.
The platform has suffered millions of dollars in losses from constant attacks in the form of phishing schemes, direct exploits, and fraudulent token projects. This series of incidents has also raised questions about DeFi platforms.
One of the major incidents took place in December 2024. MetaMask security researcher Taylor Monahan issued a public warning that the North Korean state-sponsored syndicate, Lazarus Group, had been “testing” the platform since October.
The group, already responsible for $1.3 billion in crypto thefts that year, used known wallets to probe the network with real funds. This activity was described as reconnaissance for potential future exploits.
The platform’s limited number of validators intensified fears of a centralized point of failure, which sparked a record $249 million withdrawal in a single day. This has also dropped the token’s price significantly.
While no direct hack occurred from this, Chinese authorities later confirmed three separate Hyperliquid-linked money laundering cases by March 2025. They proved its use for moving illegal funds.
Phishing Scam Attacks User Wallets
In May 2024, fake airdrop websites tricked users into signing malicious smart contracts, leading to irreversible theft from their digital wallets.
By January 2025, Hyperliquid Wallet Connection scams spread through compromised social media accounts and fraudulent Google ads. These fake sites impersonated the official Hyperliquid platform to steal wallet access permissions. This method was part of a huge trend that cost victims nearly $500 million in similar drainer scams that year.
A further sophisticated phishing wave in June 2025 compromised user addresses by upgrading them to attacker-controlled multisignature wallets.
This gave hackers full access to all assets, including staked HYPE tokens.
“It seems the $21 million theft stemmed from a private key leak, since the attacker had full wallet control and there was no smart contract exploit involved. That’s a clear sign the key itself was compromised,” Deddy Lavid, CEO of blockchain analytics platform Cyvers, said.
“Private keys often get leaked through phishing sites, malware-infected devices, or seed phrases stored unencrypted in the cloud or screenshots,” Lavid stated. “To stay safe, users should use hardware wallets, avoid typing or pasting keys online, and store backups offline and encrypted.”
Cyber Attacks on Crypto Platforms in 2025 Surpass Previous Year
According to the Chainalysis report, the scale of cryptocurrency theft in 2025 has already surpassed the total for all of 2024, with over $2.17 billion stolen from services. This record-breaking loss is largely due to a single, unprecedented event: the theft of $1.5 billion from ByBit, reportedly by North Korean hackers. This incident now stands as the largest hack in the history of crypto.
By the end of June, the total value stolen year-to-date was already 17% higher than in all of 2022, which was previously the worst year on record. If this pace continues, losses from services alone could exceed $4 billion by the end of the year.
In 2025, the pattern of cyberattacks on the cryptocurrency platform has slightly changed compared to previous years. Nowadays, attacks are increasingly aimed at individual users rather than just large services. Personal wallet compromises now account for nearly a quarter of all stolen funds this year.
