Something strange happened on Hyperliquid on April 9th. A single entity built a massive Fartcoin position across four separate wallets, triggered their own liquidation, and walked away — possibly in profit. The protocol’s liquidity vault wasn’t so lucky.
Blockchain security firm PeckShield and onchain tracker Lookonchain both flagged the incident, piecing together a coordinated move that played out in under three hours. Here’s what actually went down and why it matters for anyone trading on decentralized perpetuals platforms.
Four Wallets. One Entity. A $15 Million Fartcoin Long.
The setup started quietly. According to Lookonchain, four freshly created wallets — all linked to the same entity — each received USDC at the same time. Then they all opened long positions on Fartcoin simultaneously, accumulating 145.24 million tokens worth about $15 million in total.
That kind of coordinated buying pushed Fartcoin to an intraday high of $0.25 on April 9th, its highest price since late January. So far, it looks like a big bullish bet. But that wasn’t the point.
The “Suicide” Liquidation Explained
Once the position was large enough, the attacker deliberately triggered their own liquidation in a low-liquidity environment. PeckShield called it a “suicide” liquidation — and that label fits perfectly.
Here’s why it works. When a massive long position gets liquidated on Hyperliquid, the platform’s Auto-Deleveraging (ADL) mechanism kicks in. ADL exists to handle toxic positions that can’t be absorbed by the market normally. So it pushes the unwanted position onto the Hyperliquidity Provider (HLP) vault, which is essentially a shared pool that backstops the platform.
That vault absorbed the mess. It ended up down $1.5 million from the incident.
Meanwhile, the four wallets technically lost $3.02 million in liquidation losses on paper. But here’s the key detail Lookonchain flagged: “A $3M loss on paper, but likely a massive net profit via cross-venue hedging.”
In other words, the attacker almost certainly held short positions elsewhere — on a centralized exchange or another platform — that paid out when Fartcoin crashed 30% after the liquidation triggered. The paper loss on Hyperliquid was the cost of forcing that crash to happen.
Who Else Got Caught in the Crossfire
The ADL system didn’t just hit the HLP vault. Two other traders got auto-deleveraged as well. Their wallet addresses starting with 0x06ce and 0x4196 were pulled into the deleveraging process and ended up realizing about $849,000 in combined profits from their short positions.
Those traders weren’t necessarily part of the scheme. They were just on the right side of the trade when the collapse happened. The ADL system essentially forced profitable trades to close at current prices to balance the books — which in this case meant realizing gains they may not have intended to take yet.
Fartcoin Takes the Hit
The meme coin itself bore the brunt of all this. After spiking to $0.25, Fartcoin dropped over 13% in 24 hours, landing near $0.17 at the time the incident was reported. That made it the top loser among the 300 largest cryptocurrencies tracked by CoinGecko that day.
A 27% pump followed by a 30% crash inside a few hours. The Evening Trader Group summarized it well: “This is what whale-vs-whale manipulation looks like when both sides are playing the same game, and one of them blinks first.”
Why Decentralized Perps Are a Target for This
Hyperliquid isn’t the first platform to deal with this kind of attack, and it won’t be the last. The ADL mechanism is a standard feature in perpetuals trading — it exists for legitimate risk management reasons. But in low-liquidity conditions, it becomes exploitable.
The attacker’s strategy relied on a few conditions lining up: enough liquidity to build a large position, thin enough order books to force ADL activation, and a cross-venue hedge to profit from the resulting price drop. When all three line up, the protocol absorbs losses while the attacker profits elsewhere.
For regular traders, the lesson is uncomfortable but important. Meme coin perpetuals on any platform carry serious manipulation risk. The tokens themselves are volatile by nature, and their low liquidity makes them easy targets for exactly this kind of coordinated play. The people running these operations often have significant resources, multiple accounts, and positions spread across venues that no single platform can see.
Watching onchain trackers like Lookonchain and security firms like PeckShield flag these patterns is useful, but it usually happens after the damage is done. By the time the incident gets documented and posted, the attacker has already walked away.