In a move that will surprise exactly no one who has ever watched a person try to carry a full tray of mugs across a crowded pub while also texting their mum about what to get for tea, Humanity Protocol has blamed a $36 million crypto heist on hackers with ties to North Korea. The official line is that the attackers got their hands on all the critical private keys via a developer’s work device that had been thoroughly compromised by malware, which is basically the digital equivalent of leaving your front door key under the doormat and then posting a photo of the doormat on Instagram for every thief in the world to see.
Summary
- Security firm Quantstamp did the digging and confirmed the $36 million exploit bears all the classic hallmarks of hacks usually pinned on North Korea-linked groups, the kind of tricks that are less “sophisticated state-sponsored cyber operation” and more “steal your lunch money and then leave a very smug note bragging about it”.
- The attackers got access to seven private keys stored on a malware-riddled developer machine, then used said keys to drain 141 million H tokens, which is roughly the equivalent of breaking into a bank vault by finding the combination scrawled on a sticky note stuck to the vault clerk’s monitor.
- Humanity Protocol was very keen to point out no smart contracts were hacked at all – the whole mess was entirely down to compromised credentials, which is the crypto equivalent of blaming a robbery on the fact you wrote your PIN on your debit card and left it in a pub toilet.
Per Humanity Protocol’s June 13 announcement about the Quantstamp-led security probe, the attackers got their claws on key project infrastructure, drained roughly 141 million H tokens from the project’s Ethereum bridge, and then minted even more of the tokens on BNB Smart Chain, which is the digital equivalent of stealing a chocolate bar from a shop and then printing your own vouchers to buy more chocolate from a different shop down the road.
The findings cleared up a lot of the fog around the incident, which had already sent the H token into a nosedive so steep it would make even a Discworld dwarf’s mining elevator look slow, and sparked fresh panic about how woeful operational security is across basically every crypto project going. Turns out the startup mantra “move fast and break things” works just as well for hackers as it does for overexcited 20-something founders, apparently.
Quantstamp noted that the attack used tooling and fake certificate-signing activity that’s pretty much the calling card of North Korean threat actors, the kind of digital fingerprints that are less “unique snowflake” and more “we keep using the same old ladder to break into every second-floor window and act shocked when people notice”.
Turns Out Stolen Private Keys Let You Do All The Official Blockchain Stuff You Want, Who Knew
Bits of info Humanity Protocol has shared since suggest the whole breach started when attackers got root access to a developer’s machine that was already chock-full of malware, which is roughly the equivalent of leaving your front door wide open and then complaining when a stray cat wanders in and eats your sandwich. The project’s incident report, put out earlier this week, says the machine had backups of seven private keys that someone had accidentally left stored on it back when Humanity Protocol launched its mainnet in June 2025. It’s the kind of mistake that would get you a stern talking-to in a Discworld junior wizard apprenticeship, let alone running a multi-million dollar crypto project.
Those credentials covered an admin hot wallet key, three keys for Ethereum Safe wallets, and three for BNB Safe wallets. Humanity Protocol confirmed that having all those keys meant the attacker could control a whole bunch of production systems straight from that one infected laptop, which is the digital equivalent of having a master key that opens every door in the Unseen University, including the ones the Archchancellor swears don’t exist and will have you expelled for even mentioning.
Instead of messing with smart contract code, the attacker just used the perfectly valid stolen credentials to authorize transfers, run Safe transactions, and even approve contract upgrades. Humanity Protocol pointed out that all the transactions had enough valid signatures to meet the Safe threshold rules, so they looked completely legit on the blockchain. It’s the equivalent of a thief using a stolen ID that checks out at every bouncer in Ankh-Morpork: no one bats an eyelid until they’re halfway to the border with a van full of stolen cabbages and suspiciously shiny watches.
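A multisig threshold only helps if the owner keys live on different devices. The audit below is an added example, not code from Humanity Protocol or Quantstamp: it takes a key-custody inventory and finds the smallest set of devices whose stored keys satisfy each Safe's threshold. Key names, device names and the 2-of-3 thresholds are assumptions, since the page does not give them.

```python
from itertools import combinations

# Constructed inventory (assumption). The page says three Ethereum Safe keys,
# three BNB Safe keys and an admin hot wallet key sat on one developer machine;
# the key names, device names and 2-of-3 thresholds here are hypothetical.
SAFES = {
    "eth-safe": {"owners": {"eth-1", "eth-2", "eth-3"}, "threshold": 2},
    "bnb-safe": {"owners": {"bnb-1", "bnb-2", "bnb-3"}, "threshold": 2},
}
SEPARATED = {  # each signer device holds one owner key per Safe
    "signer-a": {"eth-1", "bnb-1"},
    "signer-b": {"eth-2", "bnb-2"},
    "signer-c": {"eth-3", "bnb-3"},
}
# Same layout plus a laptop that still carries backups of every key.
LEAKY = {**SEPARATED, "dev-laptop": {"eth-1", "eth-2", "eth-3",
                                     "bnb-1", "bnb-2", "bnb-3", "admin-hot"}}


def min_devices_to_threshold(owners, threshold, key_locations):
    """Smallest set of devices whose stored key copies reach the threshold."""
    devices = sorted(key_locations)
    for size in range(1, len(devices) + 1):
        for combo in combinations(devices, size):
            held = set().union(*(key_locations[d] for d in combo)) & owners
            if len(held) >= threshold:
                return combo
    return None  # no combination of inventoried devices can sign


def audit(safes, key_locations):
    """Map each Safe to the cheapest device set that satisfies its threshold."""
    return {name: min_devices_to_threshold(s["owners"], s["threshold"], key_locations)
            for name, s in safes.items()}


def single_device_safes(safes, key_locations):
    """Safes whose threshold is reachable from one device: the case on this page."""
    return sorted(n for n, combo in audit(safes, key_locations).items()
                  if combo is not None and len(combo) == 1)


if __name__ == "__main__":
    for label, layout in (("leaky", LEAKY), ("separated", SEPARATED)):
        print(label, audit(SAFES, layout), single_device_safes(SAFES, layout))
```

With the forgotten backups in the inventory, both Safes collapse to a one-device compromise; without them, each needs as many devices as its threshold.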
After they pulled off the contract upgrade, the attacker drained roughly 141 million H tokens from the Ethereum bridge in one single transaction, the kind of bold move that would make even a senior member of the Ankh-Morpork Thieves’ Guild raise an eyebrow and mutter about “overkill”. Quantstamp says extra H tokens were minted later on BNB Smart Chain, and nearly all the stolen loot was eventually turned into ETH, which is the crypto equivalent of stealing a pile of gold coins and then melting them down so no one can trace where they came from. Mostly, unless you’re very good at tracing melted gold, which most people aren’t.
Humanity Protocol was very keen to stress that none of its bridge contracts, token contracts, or Safe setup were hacked at all. The whole mess, they say, was 100% down to the stolen private keys, not some flaw in the underlying tech. Which is a bit like saying your house was robbed not because you have a terrible lock, but because you left the key under the doormat and posted a video of you doing it on TikTok. Technically true, but not exactly a great look, and definitely not something you want to bring up at your next team meeting.
H Token Crashed So Hard Even Ankh-Morpork’s Worst Market Crash Would Look Stable By Comparison
Market reaction was instant the second the exploit details went public. Reports Humanity Protocol cited say the H token lost 80 to 90% of its value within hours of the breach being announced, a drop so steep it would make even a Discworld cabbage merchant’s stock portfolio look like a safe bet for retirement.
Earlier reporting from crypto.news noted around 447 million H tokens were hit across both Ethereum and BNB Smart Chain. The token did claw back a bit of its losses later on, and was trading at around $0.214 on June 13 – up 20% in the prior 24 hours, but still down a whopping 74% over the week. Which is the equivalent of falling off a cliff, catching yourself on a bush halfway down, and then celebrating because you didn’t die, even though you’re still very much stuck halfway down a cliff with a very sprained ankle and no idea how to get down.
Independent blockchain sleuths also took a look at the mess. Analysis from Lookonchain and pseudonymous on-chain researcher ZachXBT both pointed to a malware-related private key leak as the root cause of the breach, which lined up exactly with what Humanity Protocol was saying. That said, some researchers were still arguing about whether to pin the whole thing on state-sponsored actors, which is the kind of debate that would go on in the Mended Drum pub until closing time, with no one agreeing, everyone buying another round to keep arguing, and at least one person getting thrown out for suggesting the whole thing was just a very elaborate prank by a bored university student.
Quantstamp’s assessment puts Humanity Protocol on a growing list of crypto projects that have been targeted by North Korea-linked hacking groups in recent years. The security firm says the attack is a perfect, very stupid example of how one single compromised device can take down an entire high-value infrastructure setup if you’re daft enough to leave sensitive credentials lying around on it instead of keeping them properly locked away. It’s the digital equivalent of building a fancy, high-security castle, then leaving the gate unlocked and a sign up that says “free treasure inside, come and get it”, and then acting shocked when someone actually shows up to take the treasure.
2026-06-13 01:16