Author: Frank, PANews
The Hyperliquid token HYPE reached a new high again on August 27, and on August 26, a meticulously planned 'lightning short squeeze' storm swept through the XPL pre-contract market on Hyperliquid. In less than an hour, the price K-line chart was violently pulled into almost vertical lines, and countless short traders' accounts were instantly wiped out, while manipulators exited with over $46 million in profits.
This incident quickly caused a stir in the crypto community, intertwining wailing, anger, and conspiracy theories. People couldn't help but ask: Was this a chance extreme market fluctuation, or a precise 'massacre' exploiting protocol vulnerabilities? And why does Hyperliquid, the eye of the storm, repeatedly become a perfect hunting ground for whales?
A long-planned 'hunting'
This seemingly sudden market collapse was actually a meticulously planned hunt.
According to on-chain data tracking from Ai, this coordinated attack was executed by at least four core wallet addresses. Among them, the roles and fund deployments of the two main attacking addresses are particularly clear: one is an address starting with 0xb9c0, and the other is the address of the user 'silentraven' on DeBank. The other two addresses played auxiliary roles. These wallets exhibited similar operational behaviors, with three addresses transferring large amounts of funds to start long positions on XPL between the 23rd and 25th. Notably, the main attacking address, 0xb9c0, even preemptively used $11 million USDC to open long positions on XPL on Hyperliquid at an average price of around $0.56.
The DeBank username 'silentraven' address similarly established a long position of 21.1 million XPL using $9.5 million USDT at an average price of $0.56 over the past three days.
These several addresses collectively invested over $20 million, absorbing huge long positions in batches and at different times within almost the same price range. Among them, several addresses clearly only set up long positions for XPL after their creation.
Around 5:30 AM on August 26, when most traders in Asia were still asleep, the hunting moment quietly arrived.
The address 0xb9c0 transferred an additional $5 million to the Hyperliquid platform. Then, it indiscriminately raised the price of the token. In the already extremely thin liquidity pre-market of XPL, this fund was like a spark thrown into a powder keg, instantly igniting the entire order book. Within minutes, the price of XPL surged from around $0.6 to $1.8, an increase of over 200%.
In such a short-term price surge, several obvious consequences occur. First, most traders do not have time to increase their margin to raise the liquidation price. Second, even the minimum 1x leverage hedging orders can be wiped out. Third, as many short positions are liquidated one by one, the forced buy orders will further push the price up, creating the most terrifying 'short squeeze' phenomenon in financial markets.
Finally, at the peak price stage, manipulators began to liquidate at prices between $1.1 and $1.2. According to Ai's statistics, this attack brought more than $46 million in profits for the manipulators.
$60 million in wailing and the platform's 'indifference'.
A feast of capital inevitably comes with the wailing of another group of people. When the manipulators return with full spoils, all that is left for other market participants are bloody loss accounts and endless questions.
Crypto KOL @Cbb0fe stated that he allocated 10% of his funds to hedge on Hyperliquid, resulting in a loss of $2.5 million and he will no longer touch isolated markets.
Other media reported that a single address suffered a maximum loss of about $7 million. However, specific address information was not disclosed, so there are questions.
However, from the perspective of the manipulators' profits, at that time, the maximum profit amount indeed exceeded $46 million, and it remains unknown whether there were other undiscovered partners in this process.
From the changes in contract holdings, before the attack began, the contract holdings of XPL on Hyperliquid reached a maximum of $153 million, then rapidly plummeted to $22.44 million, with a reduction of over $130 million, and the overall losses for short users may reach $60 million.
This loss even surpassed the maximum unrealized loss of $11 million caused to Hyperliquid's JELLY token in March. This time, perhaps because the officials were not directly harmed, the victims could only silently swallow their bitter losses.
In community discussions, a familiar name was repeatedly mentioned: Tron founder Justin Sun. Some users pointed out that during this attack, an address had transferred ETH to Justin Sun's associated address a few years ago, but this action cannot directly prove an actual connection between the address and Justin Sun.
After the incident, many users also turned their hopes to Hyperliquid, expecting the platform to provide an explanation or remedial actions. However, Hyperliquid did not respond as brutally as during the manipulation of the JELLY token in March, closing profitable orders and directly shutting down related accounts. Instead, they responded in their official Discord community, stating that the XPL market experienced extreme fluctuations but the Hyperliquid blockchain operated normally as designed during this period, without any technical issues. The liquidation and automatic deleveraging (ADL) mechanisms were executed according to public protocols, and due to the completely isolated margin system adopted by the platform, this incident only affected XPL's positions, and the protocol did not incur any bad debts.
For many bystanders, not making adjustments is quite understandable. After all, when XPL was launched, Hyperliquid had already warned about high volatility and risks, and such manipulation was all carried out under the market rules.
However, for those deeply affected users, such a response seems rather cold.
Causes of the tragedy: A deadly conspiracy of platform, targets, and timing.
Looking back at the entire process of the event, this is not the first time Hyperliquid has experienced similar market manipulation. In this process, it is evident that the manipulators premeditated and meticulously planned.
First, such short squeeze operations are not uncommon in financial markets, often occurring in markets with poor liquidity and isolated prices. This operation on Hyperliquid was based on several characteristics of Hyperliquid: first, the extreme transparency on-chain, where manipulators can calculate the required capital and the results needed to manipulate the market through publicly available data like positions, liquidation prices, and funding rates. Second, due to Hyperliquid's isolated oracle system, as XPL uses an independent pricing system on Hyperliquid, not relying on external oracles, this allows manipulators to freely control prices within this enclosed environment without worrying about the difficulties arising from price balance on other exchanges.
Additionally, there are also many subtleties in the choice of target for operation. The manipulated XPL (and another token WLFI that experienced a similar situation but not as exaggerated) are both tokens that have not been launched, which means they are a type of 'paper contract', with no problems of spot delivery and spot sell-off pressure, making them easier to manipulate.
Finally, regarding the choice of timing. Before the attack, XPL's trading volume every 5 minutes was only around several hundred thousand tokens, equating to about $50,000. This was exactly during the weakest period of trading enthusiasm after its launch, and this thin liquidity gave attackers an opportunity to manipulate the market with the least amount of capital.
The XPL incident reveals the deep structural risks, reminding us that both the platform and the users need to reflect.
From the platform's perspective, first, there is the mechanism's vulnerability. Since 2025, Hyperliquid has experienced three market manipulation incidents. Each time, it has exposed some vulnerabilities of Hyperliquid as a decentralized derivatives exchange. The results of these vulnerabilities have repeatedly harmed the funds of general users while weakening the credibility of the Hyperliquid platform. In this case, one aspect is the encirclement caused by the isolated oracle mechanism, and the other is the lack of proactive price intervention from the platform's liquidity in the face of abnormal holdings.
Secondly, is it more important to maintain a decentralized shell against wrongdoers? In the JELLY incident, Hyperliquid unhesitatingly initiated an on-chain vote, ultimately preserving the losses and expelling the wrongdoers. The rationale at that time was to avoid losses to the platform users' treasury, forcing actions detrimental to decentralization. However, in the face of losses far exceeding those of the last incident, is it because the platform treasury was not harmed or to prevent the decentralization banner from falling again that they chose to ignore? This may leave a significant question in the minds of users.
Ultimately, for users, the XPL manipulation incident again raises our awareness of liquidity scarcity and isolated markets. In the market, those with extremely low liquidity and pre-contracts lacking spot market anchoring are often the 'hunting grounds' favored by whales. Furthermore, reducing leverage and setting stop-losses—these age-old trading principles—are never just empty words.
(The above content is excerpted and reprinted with the authorization of partner PANews, original link)
"Hyperliquid faces another tragedy: XPL lightning short squeeze, when will the whale hunt stop?" This article was originally published on (Blockke).
