- Attack Mechanism: Price Manipulation Combined with High Leverage
- 1. Attack Mechanism: Reproducing Active Liquidation Tactics
- 2. More Sophisticated Target Selection: $JELLY Instead of ETH
- 3. Setting a Trap with Airdrop and Opening Large Short Position
- 4. Crashing Price and Forcing Vault Liquidation
- 5. Buying Back to Drain the Fund
- Serious Impact on Hyperliquid and DeFi Market
- Market Situation and Community Reaction
On March 26, the DeFi platform Hyperliquid continued to be the victim of an organized attack targeting the vault's operating mechanism. This time, the attacker did not choose Ethereum (ETH) as before but switched to the memecoin Jellyjelly ($JELLY) – an asset with lower liquidity and easier to manipulate. The total damage value reached $20 million, shaking investors' confidence in the platform.
Attack Mechanism: Price Manipulation Combined with High Leverage
This attack targeted Hyperliquid's pricing mechanism by exploiting Jellyjelly's liquidity gap. According to on-chain data, two wallet addresses played crucial roles, with the wallet 0xde9…f5c91 opening a short position worth $4.08 million. This intentional short order allowed the attacker to exploit platform vulnerabilities to profit from the token's price decline.
.png)
With leverage up to 50x, the attacker could manipulate Jellyjelly's price similar to the previous method used with Ethereum (ETH). By continuously creating selling pressure, they pulled the token's price down, severely affecting Hyperliquid's vault. This not only caused a significant drop in the platform's Total Value Locked (TVL) but also caused investors to lose confidence, leading to a wave of capital withdrawals.
1. Attack Mechanism: Reproducing Active Liquidation Tactics
This is not the first time Hyperliquid has been exploited. Previously, this mechanism was used to "actively liquidate 160,000 ETH long positions" and generate $1.857 million in profits. The attacker used 50x leverage to manipulate the market, this time targeting $JELLY.
2. More Sophisticated Target Selection: $JELLY Instead of ETH
ETH has deep liquidity and is difficult to manipulate, but $JELLY is different. It is a memecoin with low order book depth, easily pulled up and down with a small amount of capital. This creates ideal conditions for price manipulation.
3. Setting a Trap with Airdrop and Opening Large Short Position
The address 0xde9...f5c91 opened a short order worth $4.08 million with $JELLY on Hyperliquid, at a price of $0.0095, with a margin of 3.5 million USDC. This was the first step in the price manipulation plan.
4. Crashing Price and Forcing Vault Liquidation
The address Hc8gN...WRcwq coordinated with the spot market to push $JELLY's price down, creating a fictitious profit margin for the short position. Then, the order-opening address withdrew 2.76 million USDC from the margin, forcing the vault to bear liquidation risks.
5. Buying Back to Drain the Fund
At 21:01 and 21:45, the attacker made two strong purchase waves, causing the vault's losses to grow larger. By the time the market began to pay attention, the attack was nearly complete.
Serious Impact on Hyperliquid and DeFi Market
Hyperliquid's TVL dropped $20 million after the attack. The short position liquidation price fell to $0.14, creating significant pressure on the system. The price manipulation address 0xde9…f5c91 now holds 124 million $JELLY (equivalent to $4.86 million), becoming the largest $JELLY holder on the blockchain.
.png)
The cascading effect caused many small investors to withdraw funds from Hyperliquid to avoid being caught in the liquidation vortex. The more people withdraw, the lower the liquidation price becomes, creating a domino effect. Meanwhile, Binance – Hyperliquid's major competitor – could exploit this situation. If Binance launches spot trading for $JELLY or releases supportive news, Hyperliquid will face even greater pressure.
Market Situation and Community Reaction
This incident occurred against the backdrop of significant cryptocurrency market volatility. According to CoinMarketCap data, Ethereum is currently priced at $2,013.83, with a market capitalization of $242.96 billion. In the past 24 hours, ETH dropped 2.58%, while the 30-day decline reached 24.06%, reflecting the downward trend of the entire market. This incident also raises questions about the security of decentralized financial protocols, especially platforms with high-leverage products. According to analyst Tobias Reisner, the continuous exploitation of DeFi weaknesses by major players is a clear warning about the need for stricter risk management measures.
The increasing frequency of attacks like the Hyperliquid Vault Attack raises questions about DeFi's safety. Previously, there were many price manipulation incidents based on large leverage positions, significantly impacting market liquidity. According to a report from Coincu, regulatory pressure on DeFi is increasing, forcing platforms to tighten risk management policies to limit similar attacks.
As DeFi continues to develop, platforms like Hyperliquid must improve their ability to protect user assets, or risk losing community trust. This will not only affect the project itself but could also negatively impact the entire cryptocurrency industry.
Compiled by VIC Crypto
Related News:
Trump's Company Stocks Surge After ETF Agreement with Crypto.com
Toncoin Price Surges 20% After Telegram CEO Temporarily Released Following Arrest in France
Canary Capital Files for First ETF Dedicated to PENGU from Pudgy Penguins NFT Project
Vietnam and Singapore Join Hands to Build Legal Framework for Digital Assets
UAE Accelerates Investment in AI and Crypto, Collaborates with Trump Administration
