Hyperliquid Chaos: $20M Exploit, Forced Shutdown, and a Surprise Twist

Picture showing jellyfishes swimming in chaos, in Hyperliquid (HYPE) colors

When things go wrong in crypto, they usually go wrong fast. But what happened with Hyperliquid over the past few hours was next-level chaos. A $20 million exploit, forced liquidations, manipulated memecoin markets, sudden Binance Futures announcement and an emergency oracle override – this wasn’t just a bug or bad trade. It was a full-blown crisis that could have collapsed one of the fastest-growing trading platforms in Web3.

The Setup

It all started with Jelly-My-Jelly (JELLYJELLY) – a memecoin created in January by a familiar name, Venmo co-founder Iqram Magdon-Ismail, who tied it into a Web3 social project. Like most memecoins, it had hype, a community, and plenty of volatility. But more importantly, it had thin liquidity and was easy to move. For anyone with a plan and enough money, Jellyjelly wasn’t just a coin – it was a weapon.

Two addresses took full advantage. One of them opened a $4 million short position against Jelly. Not long after, the other started dumping the coin’s spot price, creating artificial downward pressure. This wasn’t just a trade – it was an orchestrated play. Once the short position had enough unrealized profits, the attacker pulled out the margin, forcing liquidation and shifting the risk onto Hyperliquid’s own liquidity vault, HLP.

A Strategy That Worked Too Well

By removing the margin and triggering the liquidation, the attacker essentially passed the hot potato to Hyperliquid’s vault. The vault, which automatically absorbs liquidated positions, now held the short. That meant if Jellyjelly’s price went up again, it would start bleeding. And bleed it did.

A few coordinated buy waves later, and with a long position from the other wallet, Jellyjelly’s price spiked nearly 500%. HLP began taking losses, and in just one night, the vault was down over $20 million. The addresses behind the attack had millions in profit, and users were left questioning how secure their funds really were. If Jellyjelly gained another 400%, Hyperliquid Vault would lose its entire $230 million in funds.

Binance Adds Fuel to the Fire

As if the situation wasn’t tense enough, Binance Futures stepped in with a decision that left many in the community scratching their heads. They officially launched USDⓈ-Margined JELLYJELLYUSDT perpetual contracts, with up to 25x leverage.

The timing couldn’t have been worse. While Hyperliquid was grappling with chaos and scrambling to protect its vault, Binance’s announcement added more exposure to an already overheated asset. This wasn’t just a niche memecoin anymore – it had become a battleground for big trades and bigger consequences. To make things even worse, OKX also announced futures:

Hyperliquid Turns It Around

Just when it looked like things couldn’t get worse, Hyperliquid pulled off a surprise move that flipped the script. In what can only be described as a bold – and controversial – decision, the platform force-closed the Jellyjelly market. But they didn’t just shut it down. They also overrode the oracle price, settling all positions at $0.0095 per token, even though the live market price hovered around $0.50 at the time.

The attacker, who had previously been sitting on millions in profit, ended up with a small loss. And Hyperliquid? They went from being the target of memes and panic tweets to securing a realized profit of around $703,000 from the incident. The HLP vault, which had been on the edge of disaster, ended the day with a gain. Depositors were not only protected – they came out ahead.

Hyperliquid’s validator set acted fast. They voted to delist the Jelly perpetuals, adjusted the oracle to reflect what they called the “true” market value during manipulation, and did so in full view of the community. Their public statement made it clear: normal users would be automatically compensated, and no action was required unless their wallet had been flagged.

Naturally, not everyone was happy. Some users applauded the team for acting quickly and protecting funds. Others questioned the ethics and decentralization of forcibly adjusting oracle data, arguing that it undermines trust – even if the outcome was positive.

Bitget CEO, Gracy Chen, has also criticized Hyperliquid’s actions:

Still, there’s no denying the financial turnaround. What looked like a devastating exploit ended with depositors in profit, attackers licking their wounds, and Hyperliquid reclaiming some control over the narrative.

But not everything escaped unscathed – HYPE, the platform’s native token, dropped 12% amid the chaos, as shaken investors reacted to the drama. Whether confidence returns in the coming weeks remains to be seen.

Kate Taylor

Kate Taylor