HypurrFi has released a warning urging users not to interact with its website or lending platform, as the company investigates a potential domain hijacking incident. The protocol’s founder, Androolloyd, used the social media platform X to inform users that the “hypurr.fi domain name has been compromised” and should not be used until further notice. The company has begun a probe into the suspected domain breach, prioritizing user safety while the issue is under review.
Precautionary measures and guidance for users
The HypurrFi team reassured the community that user assets currently remain secure and unaffected by the incident. They emphasized that their official social media accounts are still under their control, and urged users to avoid interacting with the application in any way until authorized communication is issued confirming restored security. The team also promised that any updates about regaining safe access would be shared exclusively via official channels.
Operated on the HyperEVM infrastructure, HypurrFi is a decentralized finance (DeFi) protocol providing lending and borrowing services. HyperEVM serves as a highly efficient blockchain layer optimized for perpetual trading. At the time of the incident, HypurrFi reported a total value locked of around $30 million across its ecosystem.
Ongoing security vulnerabilities in major networks
Domain hijacking remains a frequent threat within the cryptocurrency sector, even targeting projects known for sound smart contract audits and robust on-chain security. Attackers often compromise project websites to inject wallet-draining scripts or other malicious code, putting user funds at risk through seemingly legitimate interfaces.
Just last month, a similar attack targeted the BONKfun platform when its domain name was seized by malicious actors. The attackers manipulated the homepage to defraud users, highlighting the persistent nature of such exploits. Such incidents underscore the importance of heightened vigilance, especially within decentralized platforms where community action is crucial.
Figures from DeFi analytics firm DefiLlama show that core metrics like total value locked can be directly affected by security breaches. In the aftermath of such attacks, platforms often suspend operations temporarily or escalate user alerts and preventive advisories to limit potential losses.
Many leading DeFi protocols and crypto projects have adopted additional precautionary measures to counteract these risks. Protecting user funds and preserving overall trust in decentralized systems remain at the forefront of their efforts, prompting ongoing enhancements to security frameworks and monitoring procedures.
Industry experts stress that users should avoid conducting transactions through unverified links and always refer to official updates. Domain security has emerged as a critical concern for the whole crypto ecosystem, especially given the scale and influence of major platforms.
Androolloyd, HypurrFi’s founder, advised users via X that the “hypurr.fi domain name has been compromised” and recommended that no one interact with the platform until further notice. He added that users should wait for confirmation from official social channels before resuming any activity.
