HypurrFi Domain Hijacking Prompts User Warning as Founder Reports Hyperliquid Client Block Hash Parity

HypurrFi founder androolloyd warned users on April 3, 2026 not to interact with the Hypurr.fi domain due to a suspected hijacking, while separately announcing that the team had achieved block hash parity for a Hyperliquid client, advancing independent client verification.

The lending protocol, which holds approximately $30 million in total value locked on HyperEVM (Hyperliquid’s EVM-compatible high-performance blockchain), said user funds remain safe and its social media channels remain under team control.

HypurrFi Domain Compromise Prompts User Warning

HypurrFi alerted users against interacting with its website and lending platform while investigating a potential domain hijacking. Founder androolloyd posted on X that the Hypurr.fi domain is compromised and urged users not to use it. The team stated that there is no current risk to user funds and that its social media accounts remain under the team’s control during the investigation. Users were told to avoid the app until further notice.

HypurrFi is a DeFi lending and borrowing protocol built on HyperEVM, which is the EVM-compatible network linked to Hyperliquid’s trading ecosystem. According to DefiLlama, the platform has approximately $30 million in total value locked, making the warning urgent for users who might still attempt to access the protocol through the compromised domain. The team did not provide details on how the hijacking occurred or when the site would return to normal operation.

Frontend Attacks Remain Persistent Crypto Security Risk

Domain hijacking has become a recurring issue across the crypto sector, and HypurrFi’s suspected hijacking highlights how attackers often target a project’s frontend website rather than its smart contracts. This method is particularly pernicious because even well-audited smart contracts and secure onchain protocols can be exploited through a compromised domain. Once attackers control a domain, they can deploy wallet drainers or inject malicious code prompts, tricking users into signing transactions.

Last month, attackers compromised the BONKfun domain in a similar incident, adding to a growing list of attacks that use fake or compromised frontends to reach users. For HypurrFi, the warning focused on the website and user access point rather than the protocol’s core contracts, meaning onchain systems remain intact. The team emphasized that users should avoid the domain and wait for an official notice before reconnecting wallets or signing any transaction requests.

HypurrFi Founder Reports Technical Progress on Hyperliquid Client

Separately, HypurrFi founder androolloyd announced that the team had achieved block hash parity for a Hyperliquid client, describing it as a step toward independent client verification. In a post, androolloyd stated, “We have achieved block hash parity, lots to do still but the end zone fees in sight. Now to get the serializing right, and start on consensus hashing.” The founder also noted that the Hyperliquid client binary had been reduced by 4 megabytes, attributing the shrink to compile optimizations and some dead code cleanup.

The technical progress relates to developing an independent client for the Hyperliquid network, which could enhance decentralization and resilience. While the domain hijacking incident affected the frontend, the Hyperliquid client development continues separately, focusing on core infrastructure improvements. The team’s ability to achieve block hash parity suggests that the underlying protocol development remains on track despite the frontend security issue.

FAQ

What happened to HypurrFi’s domain?

HypurrFi reported a suspected domain hijacking on April 3, 2026, warning users not to interact with the Hypurr.fi website or lending app. The team stated that user funds remain safe and that its social media channels are under its control. The incident is under investigation.

Is there any risk to user funds?

HypurrFi stated that there is no current risk to user funds. The compromise appears to be limited to the frontend domain, not the protocol’s smart contracts. However, users are advised to avoid the domain until an official update is provided.

What technical progress did HypurrFi’s founder announce regarding Hyperliquid?

HypurrFi founder androolloyd announced that the team achieved block hash parity for a Hyperliquid client, advancing independent client verification. The founder also noted a 4 MB reduction in the client binary due to compile optimizations and dead code cleanup, with work continuing on serialization and consensus hashing.