# app.hyperliquid.global — SUSPICIOUS > app.hyperliquid.global impersonates Hyperliquid with a fake login page. Verify legitimacy on PhishDestroy to avoid credential theft. ## Summary PhishDestroy has identified the domain app.hyperliquid.global as a potential brand impersonation threat targeting the cryptocurrency platform Hyperliquid. This domain hosts a fake login page designed to deceive users into submitting their credentials, which could be harvested for unauthorized access or malicious crypto draining activities. The main risk involves credential compromise that could lead to financial loss or account takeover. Technical analysis reveals that app.hyperliquid.global resolves to the IP address 72.61.147.116 and uses an SSL certificate issued by ZeroSSL to create a seemingly legitimate connection. The page title is "Login | Hyperliquid," further contributing to the spoofing attempt. VirusTotal's current scan shows 0 detections out of 95 antivirus engines, indicating the domain has not yet been flagged as malicious by common security vendors. However, the domain is active and under investigation by threat analysts. There is no public data on the registrar or domain creation date provided, and no blocklist counts have been reported so far. Users who have visited app.hyperliquid.global are strongly advised not to enter any login information or personal data. If credentials were submitted, immediate password changes on the official Hyperliquid platform and enabling two-factor authentication are recommended. Regular monitoring of account activity and reporting suspicious behavior to official support channels can help mitigate risks. Always verify URLs carefully and consult PhishDestroy or other threat intelligence sources for updated information before interacting with any site that mimics known brands like Hyperliquid. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Hyperliquid - Page title: Login | Hyperliquid ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 72.61.147.116 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/db95c4a7-c474-41ce-a1c0-1cad485845e0 - PhishDestroy: https://phishdestroy.io/domain/app.hyperliquid.global/ - LLM endpoint: https://phishdestroy.io/domain/app.hyperliquid.global/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/app.hyperliquid.global/ Last updated: 2026-03-25