HypurrFi warns users to avoid its website after a suspected domain hijack scare.
HypurrFi has warned users to stay away from its website and lending platform after it detected a possible domain hijacking. The DeFi protocol said the issue appears tied to its front-end domain and not its core blockchain systems. It also said there is no evidence at this stage that user funds have been affected.
HypurrFi warns users to avoid its platform
HypurrFi issued a public alert after spotting what it described as a possible compromise of its main domain. The team asked users not to visit the website or interact with the app until it gives a new update. It said the domain may expose users to harmful activity while the review continues.
The founder, androolloyd, also warned users on X. He wrote, “Do NOT USE THE HYPURR .FI domain, it is compromised.” The protocol later repeated that message and told users, “Do not interact with the app until further notice from the team.” At the same time, HypurrFi said its social media accounts remain under its control and are the only trusted source for updates during the incident.
The project said the problem appears to be limited to the front end. That means the concern is tied to the website interface users see and use, not the smart contracts that run onchain. Even so, the team asked users to avoid all activity until it confirms the platform is safe to access again.
HypurrFi Team says no evidence of loss to user funds
HypurrFi said it has not found any sign that user funds are at risk. The team stated that the current concern involves domain access and not the lending protocol’s core infrastructure. That distinction matters because a front-end issue can still put users at risk if they connect wallets to a false or altered website.
Attackers often use compromised domains to show fake prompts or malicious transaction requests. In some cases, users are asked to approve token access or sign wallet actions that transfer funds. Because of that, even a protocol with secure smart contracts can expose users if the website layer is taken over.
HypurrFi operates as a lending and borrowing protocol on HyperEVM. HyperEVM is an EVM-compatible network linked to the Hyperliquid ecosystem. Data from DefiLlama indicates HypurrFi’s total value locked at about $30 million, which makes it a mid-sized project in the DeFi lending market.
Domain hijacks remain a common crypto threat
Domain hijacking remains a recurring issue across crypto and DeFi platforms. These attacks usually target offchain services such as DNS settings, registrar access, or hosting tools. Once attackers gain control, they can replace a real interface with a harmful one that looks normal to users.
This type of attack focuses on trust. Users often rely on official project websites, so a fake version can be hard to spot at first glance. As a result, teams usually respond by freezing front-end access, posting warnings on social media, and telling users not to connect wallets until the domain is secured.
The HypurrFi case follows other recent front-end security scares in the crypto market. Similar events have shown that audited smart contracts do not remove all user risk when the website itself becomes the point of attack. For now, HypurrFi says it is working to secure the domain, review the scope of the issue, and keep users informed through its verified social channels.
