Recommended

Crypto Deposit Make instant crypto transfers to your futures account
USDT-M Perpetual Futures Trade futures contracts settled in USDT
VIP Fee Discounts Enjoy different fee discounts based on your VIP level
Coin-M Perpetual Futures Trade futures contracts settled in cryptocurrency
Fiat Deposit Buy your favourite coins in seconds
Affiliates Invite friends & get rewarded
Convert Covert your crypto instantly
Support Centre Find our FAQs here
Announcements Find all our official announcements
BTCC Academy Learn about blockchain and crypto
News The latest trends in the crypto market

Promotions

Referral
Campaigns
Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
register
BTCC / BTCC Square / DarkChainX /
POPCAT Token Manipulation on Hyperliquid: $4.9 Million Lost in Orchestrated Attack

POPCAT Token Manipulation on Hyperliquid: $4.9 Million Lost in Orchestrated Attack

Author:
DarkChainX
Published:
2025-11-13 16:39:01
12
1


In what appears to be a carefully planned market manipulation scheme, Hyperliquid - a leading decentralized perpetual contracts platform - suffered a $4.9 million loss through the artificial inflation and subsequent crash of the POPCAT token. The attacker used 19 separate wallets to execute this sophisticated operation, demonstrating the evolving challenges in DeFi security. This incident follows a similar $46 million exploit on Hyperliquid's XPL pre-market just months earlier, raising questions about platform safeguards.

How Did the POPCAT Token Manipulation Unfold?

The attack began when an unknown entity transferred $3 million in USDC from OKX to Hyperliquid. These funds were strategically distributed across multiple wallets to open Leveraged long positions totaling nearly $30 million on POPCAT. The attacker then placed a massive $20 million buy order at approximately $0.21, creating artificial demand that drove the token's price upward.

Details of open positions on the POPCAT token

What Triggered the Cascade of Liquidations?

At the peak of the artificially inflated price, the attacker suddenly withdrew their buy order, causing POPCAT's value to plummet. This abrupt price drop triggered automatic liquidations of leveraged positions across the platform. While the attacker lost their initial $3 million investment, the damage to Hyperliquid's ecosystem was far greater - leaving its Hyperliquidity Provider (HLP) pool with $4.9 million in unrecoverable debt.

Why Would an Attacker Intentionally Lose $3 Million?

This appears to be a calculated sacrifice. By accepting a $3 million loss, the attacker created a much larger $4.9 million deficit in Hyperliquid's community liquidity pool. Some analysts speculate this could be part of a broader strategy to weaken confidence in the platform, especially following its recent high-profile stablecoin launch and growing competition in the perpetual DEX space.

How Does This Compare to Previous Hyperliquid Incidents?

Just three months prior in August 2025, Hyperliquid experienced a similar $46 million exploit involving the XPL token pre-market. That attack resulted in $17 million in simultaneous liquidations. The repeating pattern suggests that Hyperliquid's rapid growth (with Cathie Wood comparing it to "Solana's early days") may be outpacing its security infrastructure.

What Does This Mean for DeFi Security?

These sophisticated attacks highlight the vulnerabilities in decentralized finance protocols, particularly around leveraged trading and liquidity pools. While platforms like dYdX and BTCC have implemented various safeguards, Hyperliquid's consecutive incidents demonstrate how attackers are evolving their methods to exploit DeFi mechanisms.

Could This Impact Hyperliquid's Market Position?

Despite these setbacks, Hyperliquid remains a major player in perpetual DEX trading. However, repeated security incidents could affect user confidence and adoption rates. The platform's response to this latest attack - whether through improved safeguards or compensation measures - will likely determine its ability to maintain its leading position.

What Should Traders Learn From This Incident?

Traders should be particularly cautious with leveraged positions on lower-market-cap tokens, especially during periods of unusual price action. Diversifying across platforms and using risk management tools can help mitigate exposure to such manipulation schemes.

How Are Other Exchanges Responding?

Following this incident, several major exchanges including BTCC have reportedly increased monitoring for suspicious wallet activity and large coordinated orders. Some are considering implementing additional circuit breakers or leverage limits for smaller-cap assets.

*

What was the total loss in the Hyperliquid POPCAT attack?

The attack resulted in $4.9 million in unrecoverable debt for Hyperliquid's HLP pool, while the attacker intentionally lost $3 million of their own funds to execute the manipulation.

How many wallets were used in the attack?

The attacker distributed funds across 19 separate wallets to open leveraged positions and execute the manipulation strategy.

What was the peak buy order that inflated POPCAT's price?

The attacker placed a $20 million buy order at approximately $0.21 to artificially drive up POPCAT's price before suddenly withdrawing it.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2025 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.