In brief
- A user on Hyperliquid was hacked for $21 million after their private keys appear to have been leaked.
- Private keys allow a wallet owner to sign a transaction, meaning anyone in possession of it has control over the wallet.
- Blockchain security experts say that private keys can be compromised via phishing sites, malware-infected devices, and poor personal security habits.
A hacker stole $21 million worth of crypto from a Hyperliquid user after their private key was leaked, on-chain security firm PeckShield said. The attacker has since bridged the stolen funds to Ethereum, including $17.75 million worth of the DAI stablecoin.
In crypto, a private key is a series of numbers and letters that proves control of a wallet and allows a user to sign transactions. This means that when this key is compromised, a malicious actor is able to sign transactions from the wallet—allowing them to send themselves funds.
“It seems the $21 million theft stemmed from a private key leak, since the attacker had full wallet control and there was no smart contract exploit involved. That’s a clear sign the key itself was compromised,” Deddy Lavid, CEO of blockchain analytics platform Cyvers, told Decrypt.
At the time of writing, it is unclear how the victim’s private keys were exposed to the hacker, but it is a painful reminder as to why personal security is so important.
“Private keys often get leaked through phishing sites, malware-infected devices, or seed phrases stored unencrypted in the cloud or screenshots,” Lavid explained. “To stay safe, users should use hardware wallets, avoid typing or pasting keys online, and store backups offline and encrypted.”
The hack follows a rise in popularity in perpetual futures-focused decentralized exchanges, in which Hyperliquid has asserted itself as the industry leader for this year. However, rival protocol Aster emerged last month and started to steal market share from the platform.
As a result, according to CoinGecko, Hyperliquid’s token has slumped 22% over the past month and nearly 15% over the past week, sitting at a price just under $43. Still, that places HYPE as the 20th largest cryptocurrency by market capitalization at nearly $11.6 billion, ahead of the likes of Bitcoin Cash, Avalanche, and Litecoin.
Myriad users are bearish on HYPE’s chances of rising to a new high mark of $69 sooner than it can fall to $39, giving it a less than 27% likelihood as of this writing. The odds have fallen by more than 15% over the last week. (Disclaimer: Myriad is a product of Decrypt‘s parent company, DASTAN.)
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
Source: https://decrypt.co/343849/hyperliquid-user-loses-21-million-private-key-compromise
