- Anonymous trader sacrifices $3M to trigger $5M loss in Hyperliquid vault.
- $26M POPCAT positions and fake $20M buy wall were used to manipulate market.
An anonymous trader intentionally tore down $3 million of his own account to cause a $5 million damage to the vault of Hyperliquid by using complex market manipulation tactics. The attacker took out the money from the OKX exchange and then spread it to 19 different wallets before carrying out their coordinated attack on the platform.
Orchestrated Manipulation Drains Protocol Vault
The blockchain intelligence company Lookonchain has analyzed the path of the funds which the offender used to create huge positions of more than $26 million in POPCAT perpetual contracts. The trader made an artificial $20 million buy wall that was located near the $0.21 price level to give the impression that there was real market demand and that the market was strong.
By faking this support level, the price was temporarily increased, and then the attacker suddenly withdrew all the orders, causing immediate liquidity disappearance and the failure of the subsequent chain. Dozens of traders who were using leverage for their positions have been forcibly liquidated as support disappeared with Hyperliquid’s automated Hyperliquidity Provider vault being on the losing side with a $4.9 million loss.
The case is the largest single-day loss of the protocol since its inception and has been a factor in the exposure of the weaknesses of the automated liquidity provision systems.
Community observers highlighted that the attacker made no profit at all from this operation, thereby setting it apart from typical market manipulation schemes that are usually done for financial gain. The offender, however, seemed to be only concerned with putting Hyperliquid through a stress test and showing up the cracks in its automated market-making mechanisms and liquidation processes.
One community member described the incident as an expensive “performance art”, noting that only crypto can produce villains that are willing to destroy fortunes for the sole theatrical purpose. Another analyst speculated that the capital that was burned could be the hedge positions, which means that there could be profits made through short positions on the competing platforms or derivatives.
After roughly an hour, the bridge operations were resumed although Hyperliquid had used the emergency lock functions to temporarily suspend bridge withdrawals. The platform did not declare any reasons for the pause in withdrawals due to the POPCAT manipulation, so community members jokingly assumed that the measures taken to defend the operations were coordinated.
Such an event underscores the serious weaknesses that are inherent in decentralized perpetual exchanges, especially those with automated liquidity pools that can be attacked by a hard-to-stop, rich, and clever in strategy type of attackers.
Highlighted Crypto News Today:
Canary Capital’s MOG ETF Filing Sparks Interest in Obscure Memecoin
