Hyperliquid user, identified by the wallet address 0x0cdC…E955, has reportedly lost $21 million in cryptocurrency after hackers gained access to their private key.
According to blockchain security firm PeckShield, the attackers swiftly transferred the compromised funds to the Ethereum network, as confirmed through on-chain tracking. The stolen crypto included approximately 17.75 million DAI tokens and 3.11 million MSYRUPUSDP tokens. PeckShield also shared visual data mapping out the wallet addresses connected to the heist.
“A victim 0x0cdC…E955 lost ~$21M worth of cryptos due to a private key leak. The hacker has bridged the stolen funds… including 17.75M & 3.11M,” — PeckShieldAlert (@PeckShieldAlert)
Blockchain records indicate that the stolen tokens were strategically transferred and redistributed across multiple wallets, mirroring tactics seen in earlier high-profile crypto thefts.
An unusual detail in the case is the timing of certain trading activities. Just as PeckShield’s alert went public, data showed that a Hyperliquid account closed a $16 million HYPE long position, followed by the liquidation of 100,000 HYPE tokens worth about $4.4 million.
Researchers analyzing transactions on Hypurrscan suggested that this trading account might have belonged to the same compromised user. Their findings indicate that the liquidated assets were later converted into USDC and DAI, with transfers spanning both the Ethereum and Arbitrum networks—aligning closely with the hacker’s movements identified by PeckShield.
The breach wasn’t limited to Hyperliquid balances. Investigations revealed an additional $3.1 million was siphoned from the Plasma Syrup Vault liquidity pool, with the tokens quickly routed to a newly created wallet.
Prominent X (formerly Twitter) user Luke Cannon suggested that the total damage could be higher, estimating another $300,000 stolen from linked wallet addresses.
Recurring Attacks Raise Security Concerns
Another Hyperliquid user, @TradeThreads (BRVX), reported losing $700,000 in HYPE tokens last month under similar circumstances.
“Lost 700k in hype in a similar incident last month. Not sure how they hacked. No malware, no discord chats, no TG calls, no email download,” — BRVX (@TradeThreads)
He speculated that Windows malware might have been the cause, as he had not accessed his wallets for a week and had recently switched to a new MacBook where the wallet wasn’t even set up.
Unlike exchange or smart contract vulnerabilities, this breach resulted from a private key leak, which grants attackers full access to wallet credentials. Such leaks often stem from phishing attacks, malware, or insecure key storage practices.
Cybersecurity experts continue to emphasize the importance of cold wallets or multi-signature setups for protecting high-value crypto assets.
Recently, Blockstream issued a security alert warning Jade hardware wallet owners of a phishing campaign spreading through fake firmware update emails.
Growing Pattern of Private Key Exploits
Private key-related hacks are becoming alarmingly common. Just weeks ago, North Korean hackers reportedly stole $1.2 million from Seedify’s DAO launchpad, causing its token SFUND to drop by 99%. Similarly, a Venus Protocol user on BNB Chain lost $27 million to a key breach in September.
According to CertiK’s annual security report, over $2.36 billion was lost across 760 on-chain security incidents last year, with $1.05 billion directly linked to private key compromises—making up 39% of all attacks.
The report explains that phishing remains a preferred method among hackers because it exploits human error rather than technological weaknesses. Since blockchain transactions are irreversible, even a single mistake can result in irreversible losses.
The Ethereum network continues to witness the most attacks, followed by Binance Smart Chain (BSC)—but experts warn that Hyperliquid is now becoming a new target for cybercriminals due to its decentralized infrastructure.
