Hyperliquid whale loses $21M to wallet compromise as exploits target perp DEXs

A Hyperliquid trader lost $21M from what was identified as a targeted attack that compromised their wallet. The trader lost over $17M in DAI, with the rest in Maple Protocol stablecoins. 

A Hyperliquid whale became the target of an exploit, presumably based on compromised private keys. The trader lost a total of $21M, of which over $17M was in DAI tokens. According to PeckShield Alert, only the personal wallet was affected through an unidentified type of private key leak. 

#PeckShieldAlert A victim 0x0cdC…E955 lost ~$21M worth of crypto on #Hyperliquid due to a private key leak.

The hacker has bridged the stolen funds to #Ethereum, including 17.75M $DAI & 3.11M $MSYRUPUSDP. pic.twitter.com/H2UEfmWsMW

— PeckShieldAlert (@PeckShieldAlert) October 10, 2025

Hyperliquid itself is not compromised, and no other traders have reported losses. The recent loss extends the list of cases attacking perp DEX traders. As Hyperliquid is transparent when it comes to trades and wallet balances, the wallets are singled out for personalized exploits. 

Hacked wallet got liquidated on HYPE

The attacked wallet was drained just after closing a successful trade, so the exploiters knew the funds were available. The hacker’s actions affected multiple vaults on Hyperliquid, using the compromised accounts for activity on both Ethereum and Arbitrum. Additional reports suggest another $300K was lost on a related wallet linked to the same user. 

The exploit started after the wallet closed a $16M long position on HYPE, and the wallet immediately sold 100K HYPE for $4.4M. The token was sold for DAI, which was then transferred on Ethereum and mixed. 

Additionally, due to the compromised wallet, the hacker was able to take a $3.1M stake from the Plasma Syrup Vault. The hacker moved MSYRUPUSDP to a new address, for now, without further swaps or mixing. 

The hacker now holds $6.91M in one wallet on Ethereum, another $10M in a different Ethereum address, while emptying the intermediary Arbitrum wallet used for the initial wallet draining. 

Is Hyperliquid at risk of hacks?

Previously, Hyperliquid has seen FUD about being vulnerable to North Korean hackers. However, the exchange holds no funds in custody and has not been hacked so far. The DEX still holds a risk of aggressive trading and draining specific vaults, especially for low-liquidity assets. 

Following the recent whale wallet attack, HYPE remained at $44.41, awaiting another breakout. 

The only problem in the future would be for the owner of the compromised wallet. Currently, Hyperliquid is preparing for another airdrop season, with multiple new projects set to launch their tokens. The compromised wallet may receive rewards based on trading volumes, but those may also be swept by the hacker. 

Previously, a list of 1,200 compromised addresses emerged, with some active on Hyperliquid. However, none of those addresses held any significant funds. There is still no explanation on how the wallet was compromised, though recent attacks have involved malware, fake 2FA authentication, fake Zoom links and more. 

Get up to $30,050 in trading rewards when you join Bybit today