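URGENT: In the last 60 days, a hacker has compromised 1200+ addresses on Hyperliquid

The hacker uses a single signature to upgrade the EOA to a 1 of 1 multisig, with the hacker as the only signer

The upgrade is immediate and gives the hacker full access to all assets on HyperCore (including unstaking HYPE and withdrawing after 7 days)

Multisigs are a HyperCore primitive, so the hacker cannot access assets on HyperEVM (only HyperCore)

Will put a spreadsheet of the hacked addresses in the next tweet (thanks to @_Syavel_ for the data)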
Ciro¹⁷™️, June 6, 2025
———🚨🚨URGENT🚨🚨 ———

@HyperliquidX Requesting Immediate Help from Hyperliquid Team,

My Hyperliquid account has been compromised and was converted into a multi-sig account without my consent. The attacker added their own wallet as the sole authorized signer, effectively locking me out of my account. All my $HYPE tokens have been unstaked, and the 7-day unstaking period has started. As of today, there are 6 days left until the funds become withdrawable and at risk of being drained by the attacker.

Here are the relevant details:
- Compromised HyperCore account: 0xeB97f37e7065A50a46f5DDEfc49e0419aBb931Bd
- Attacker's wallet (current sole authorized signer): 0x768f2ebd51176ad3783602dc86cca7c8355cdf94
- Threshold: 1
- Authorized signers: only the attacker hacker
- I still have full control over the original EVM wallet linked to the account. I am the legitimate owner and can sign any message using my original EVM wallet to prove identity.

I am requesting immediate assistance to:
- Freeze or lock the account temporarily to prevent further actions
- Remove the unauthorized multi-sig setup
- Or transfer the assets to a new wallet I control

Please let me know what proofs or verifications you need from me. I am ready to cooperate fully and provide any signatures or identity verifications required. This is urgent, as my assets are at risk. Thank you for your understanding and prompt support.

If you're reading this and can't help directly, please push like or react to this message to help bring it to the attention of the right people on the team. Even just one like or comment could make the difference in getting this noticed by the right people. Thank you so much.

My Discord name: ciro.hl

@chameleon_jeff @Valinorae @xulian_hl @iliensinc @HyperFND @Hyperintern @hypurr_co @HypioHL @0xHyperBeat @nansen_ai @infinitefieldx @HyperStakeX @HypurrScan @validaoxyz @asxn_r @bharvest_intern @hyperpc_ @luganodes @HyBridgeHL @PiPonHL #HYPE #HYPERLIQUID
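List of the 1200+ compromised addresses:

If your address is on this list, please DM any HyperEVM apps or websites you remember visiting or signing transactions on, so that we can identify the source as quickly as possible.

If your address is on this list, your assets on HyperEVM are safe and can be transferred to a new address.

This "hack" (technically a phishing signature) can only be reversed with the hacker's signature or with some kind of upgrade to the multisig primitive by the Hyperliquid team/validators.

Strongly recommend keeping hot wallets and cold wallets separate (especially when trying new apps).

Also, you should never sign a signature that is not human-readable text. If in doubt, create a new wallet and use that one.

Deleting the original tweet here and reposting the corrected version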
Luke Cannon, June 7, 2025
[deleted & reposted to clarify it's a phishing attack, NOT a hack]

In the last 60 days, a phishing attack has compromised 1200+ addresses on Hyperliquid

The phishing attack works with a single signature that upgrades the EOA to a 1 of 1 multisig with the attacker as the only signer

The upgrade is immediate & gives the hacker full access to all of their assets on HyperCore (including unstaking HYPE & withdrawing after 7 days)

Multisigs are a HyperCore primitive & so the attacker does not gain access to assets on HyperEVM (only HyperCore)

Putting a spreadsheet of compromised addresses in the next tweet (ty @_Syavel_ for data)