* Hyperliquid’s liquidity vault was hit by a self-inflicted manipulation attack, leaving $4.9 million in bad debt.
* The attacker intentionally sacrificed $3 million worth of POPCAT to push losses onto HLP liquidity providers.
* This marks Hyperliquid’s third similar attack in 2025, following incidents in March and July.
Hyperliquid, one of the fastest-growing decentralized perpetuals exchanges, is dealing with another round of market manipulation after an attacker used the Solana-based memecoin POPCAT to push losses onto its liquidity vault.
The incident, which generated roughly $4.5-$4.9 million in bad debt for the platform’s HLP vault, follows two similar events earlier this year and highlights ongoing risks in thin-liquidity perp markets.
A Self-Sabotage Designed To Hurt the HLP Vault
The attack began early Nov. 12, when the exploiter withdrew roughly $3 million in USDC from OKX and scattered it across 19 wallets.
From there, the plan was straightforward:
When the buy wall disappeared, POPCAT plunged roughly 30% within seconds.
All of the attacker’s positions were liquidated. They burned $3 million of their own capital, but incurred nearly $5 million in losses for HLP.
Hyperliquid allows up to 50x leverage on certain markets. The attacker used roughly 5x on POPCAT, but the token’s thin liquidity delivered the rest of the damage.
Importantly, this was not a protocol exploit. Hyperliquid’s blockchain, matching engine, and smart contracts weren’t compromised.
The event was a pure market manipulation attack, relying on spoofing, leverage, and timing.
Not the First Time — Hyperliquid Faces Repeat Pattern
This is now the third major manipulation event targeting Hyperliquid in 2025:
* March: Attack centered on JELLYJELLY
* July: Attack involving TST
* November: POPCAT-triggered cascade
Together, the incidents highlight a structural vulnerability across fast-growing decentralized perps exchanges:
High-leverage, illiquid tokens, and community-funded liquidation pools together create a predictable target for market manipulation.
Why Hyperliquid Keeps Getting Targeted
Hyperliquid has become the breakout success of decentralized perpetuals this cycle, regularly posting over $10 billion in daily trading volume and commanding outsized market share.
But success also paints a target.
Hyperliquid’s rapid ascent has forced centralized exchanges to respond, either by building competing DEX perps products or backing emerging platforms.
Aster, backed by Binance, is widely viewed as Hyperliquid’s closest rival, with more than $7 billion in daily volume.
That rivalry has fueled online speculation. Some users, without evidence, suggested the attack was orchestrated to damage Hyperliquid’s dominance.
Others argued that market manipulation is simply the cost of doing business in the current DEX perps environment.
Hyperliquid Pauses Withdrawals, Market Panics
In the immediate hours after the attack, Hyperliquid temporarily halted deposits and withdrawals.
Some questioned how “decentralized” the system could be if withdrawals could be paused.
Others pointed to the repeated pattern of thin-liquidity memecoin markets causing outsized damage.
And a vocal minority claimed the attack showed that “crime season” had returned to DEX perps.
Hyperliquid has not reported any compromise of smart contracts, custodial systems, or validator infrastructure.
Instead, the exchange framed the event as a price manipulation incident, not a hack — aligning it with previous attacks earlier this year.
Read more on CCN – Capital & Celeb News
