Hyperliquid is experimenting with borrowing and lending modules on the Hypercore testnet, suggesting that the platform’s core services may be expanded.
This development surfaced after on-chain researcher MLM noted that the team has begun testing a feature labeled BLP. He believes that BLP stands for Borrow Lending Protocol.
Sponsored Sponsored
Is Hyperliquid developing a native lending market?
His findings suggest that Hyperliquid may be preparing to introduce a native money market layer on top of Hypercore. This layer supports borrowing, supplying, and withdrawing assets.
MLM said that while the testnet version of BLP currently only lists USDC and PURR, even limited asset support creates the foundation for something bigger.
He argued that by integrating the financing layer, HyperLiquid could more safely introduce multi-margin trading. In his view, margin positions will be placed on a verifiable pool of loans rather than on an isolated balance sheet.
This architecture mirrors systems already in use across established DeFi money markets and can increase leverage transparency for traders.
Once rolled out, this feature will expand Hyperliquid’s footprint beyond perpetuation and provide users with access to DeFi capabilities currently lacking in the ecosystem.
The move also has the potential to consolidate activities onto a single platform, creating a more integrated trading environment for users who currently rely on external financing markets.
Sponsored Sponsored
Fake Hyperliquid apps raise security concerns
While the team is experimenting with new features, Hyperliquid users are battling another threat: fraudulent mobile applications that have appeared on the Google Play Store.
This app mimics Hyperliquid’s branding, even though Hyperliquid does not offer an official Android or iOS product. Its presence raises questions about app store vetting standards, especially as users increasingly rely on mobile platforms for financial activities.
Cryptocurrency researcher ZachXBT warned that the fake app is designed to steal funds by phishing wallet credentials and private keys.
He has already identified Ethereum addresses associated with the operation, which has amassed more than $281,000 in stolen assets. His warning prompted users to check recent downloads and revoke permissions to avoid further losses.
False listings fit a broader pattern. Several malicious developers have created applications similar to projects like SushiSwap and PancakeSwap to exploit the convenience of mobile access and mislead users.
Scammers often combine these apps with Google’s sponsored ads, allowing fraudulent links to appear above legitimate search results. This increases the likelihood that unsuspecting users will click through.
As Hyperliquid experiments with new infrastructure and users seek easier access points, repeated and coordinated spoofing attempts highlight persistent risks.
Attackers continue to target growing platforms, and users remain vulnerable in the absence of official mobile apps.
