HypurrFi Says: Don’t Touch Our Website Right Now
A crypto lending app called HypurrFi is telling everyone to stay away from its website and app. They think someone might have hijacked their domain.
That’s a fancy way of saying: a hacker might be controlling the site you usually visit.
The team posted a warning on Friday. Their message was simple: Do not use the Hypurr.fi domain. It is not safe.
One of the founders, androolloyd, put it even more bluntly on X: “Do NOT USE the HYPURR .FI domain, it is compromised.”
Your money is probably fine—for now
Here’s the good news: The team says user funds are not at risk right now. The bad news? They’re still investigating. No one knows exactly how the hijacking happened or when things will go back to normal.
The problem is with the website—the front door—not the actual contracts running behind the scenes. That’s a common type of attack in crypto. Hackers don’t always break the code. They just steal the doorknob.
About $30 million is locked in the protocol
HypurrFi runs on HyperEVM, which is part of Hyperliquid’s trading world. Right now, people have about $30 million parked in the app. So this isn’t a tiny side project. A lot of users could get tricked if they accidentally visit the wrong site.
The team still controls their social media accounts. That’s important because it means the warnings you see on X are real, not faked.
This keeps happening in crypto
Domain hijacking is becoming a regular headache in crypto. Attackers don’t bother breaking smart contracts anymore. They just take over the website and put up fake buttons that drain your wallet.
Just last month, something similar happened to BONKfun.
So for now, HypurrFi’s message is loud and clear: Stay off the site. Don’t connect your wallet. Don’t sign anything. Wait for the all-clear.
