Purrlend lost $1.5M in a DeFi exploit tied to a suspicious admin wallet update. See what happened on HyperEVM and MegaETH.
Purrlend, a lending protocol built on HyperEVM and MegaETH, suffered a major exploit.
Attackers drained roughly $1.5 million across both networks.
The breach traces back to a suspicious admin multisig transaction. It granted unauthorized bridge privileges hours before the attack.
The protocol has since paused all operations and launched an investigation.
How the Purrlend Admin Wallet Update Triggered the Exploit
According to reports, a key transaction occurred at 1:20 a.m. UTC.
The admin multisig updated borrowing caps and assigned roles to an unknown address.
That address later received bridge privileges, which enabled unbacked token minting. In short, tokens were minted without any actual collateral backing them.
This type of access is highly sensitive in DeFi lending systems. Granting it to an unverified address opened the door for mass fund extraction.
The community quickly flagged the wallet activity as suspicious. Questions about who authorized the transaction remain unanswered.
Purrlend confirmed on its official account that it detected irregular activity.
The team stated the protocol was paused and that further updates would follow. No additional technical breakdown has been released yet.
Breakdown of Stolen Funds Across HyperEVM and MegaETH
On-chain analyst kirbycrypto broke down the stolen assets in detail.
HyperEVM suffered the larger hit, losing $1,197,488 in total. That included 449,683 USDC, 214,125 USDT0, and 194,745 USDH. Other stolen assets included wstHYPE, UBTC, UETH, kHYPE, and WHYPE.
MegaETH recorded losses of $324,549. Attackers took 163,169 USDT0, 36.8 WETH, and 75,745 USDm from that chain.
Combined, the total reached approximately $1.52 million. Kirbycrypto published the full breakdown on X, citing wallet-level transaction data.
The assets targeted were primarily stablecoins and wrapped tokens. These are typically high-liquidity targets in DeFi exploits.
Their ease of movement across chains made them attractive to the attacker.
Read Also:
Community Reaction and DeFi’s Rough April Continues
Community members responded with frustration across social platforms.
Several users pointed to prior red flags. One concern raised was heavy promotion of the protocol right before MegaETH’s token event.
Others called it a potential inside job, though no proof has confirmed that claim.
No funds have been recovered so far. The Purrlend team has not shared a recovery plan publicly. The investigation remains ongoing as of the time of this report.
This incident adds to a difficult stretch for the DeFi sector. April alone has seen over $600 million in losses from various attacks and exploits.
Purrlend joins a growing list of protocols caught in security breaches this month. The pattern has raised broader concerns about access control in DeFi governance structures.
Source: https://www.livebitcoinnews.com/purrlend-exploit-steals-1-5m-on-hyperevm-and-megaeth/
