Quantstamp says the Humanity Protocol hack that moved 141 million H tokens shows signs of North Korean cyber activity.
Humanity Protocol has shared the results of a new investigation into its recent security breach. Quantstamp investigated the June 8 attack. According to the report, Attackers transferred 141.18 million H tokens. The total damage is estimated to be between $32 million and $36 million.
The attack began with a phishing scam, the report says. A director involved with the Humanity Foundation was targeted. Consequently, they were able to access the person’s laptop remotely. It had valuable wallet data and private keys.
After gaining access, the attackers copied wallet data and private keys. They then used the stolen information to take control of important blockchain contracts. The attack was not due to a smart contract bug, according to Quantstamp. Rather, it was because important security data was on a compromised device.
Quantstamp: Humanity Hack That Moved 141M H Shows Signs of North Korean Hackers
Humanity Protocol released Quantstamp’s investigation into the June 8 H token security incident. According to the report, attackers gained remote access to a director’s device through a phishing… pic.twitter.com/FkzFmLhRtr
— Wu Blockchain (@WuBlockchain) June 12, 2026
Attackers Targeted Ethereum and BNB Smart Chain
The attackers were able to use 3 stolen Safe owner keys on Ethereum. They gained control of the bridge’s ProxyAdmin contract. Then they changed the contract to a bad one. Then they transacted 141.18 million H tokens.
Related Reading: Humanity Protocol Confirms $36M Exploit After Employee Laptop Breach, H Token Crashes 90% | Live Bitcoin News
Meanwhile, the attackers carried out another attack on BNB Smart Chain. They used 3 compromised keys to take control of token administration contracts. As a result, they minted 300 million unauthorized H tokens.
The newly minted tokens were added to liquidity pools. The attackers then sold the tokens for ether and BNB. Thus, the attack simultaneously impacted both Ethereum and BNB Smart Chain.
Quantstamp noted that there were a number of technical indicators that stood out during the investigation. The tools used in the attack were similar to those used in previous North Korean cyber operations, the report said. In addition, certificate-signing patterns were similar to those linked to DPRK-backed hacking groups.
H Token Price Crashes After Exploit
The market reacted quickly after news of the hack spread. The H token was devalued in a relatively short period of time. According to CoinGecko, the token price fell between 85% and 99%.
The token was trading at around $0.74 before the attack. However, it later dropped to between $0.05 and $0.08. This resulted in substantial losses for investors.
Following the incident, Humanity Protocol founder Terence Kwok asked users to stop using token bridges and liquidity pools. The team began rotation and recovery work while the rest of the team was at work. The objective was to secure the network and to stop further damage.
The incident has sparked some questions from the crypto community. Blockchain investigator ZachXBT and others cited big token sales before the exploit. So, some questioned whether there were more factors involved.
On June 8, Humanity Protocol engaged Quantstamp to conduct an investigation into the attack. The firm looked at blockchain activity and analyzed the devices connected to the stolen keys. The incident is a reminder of the ongoing threat posed by phishing attacks to crypto projects, as the investigation continues. It also points out the dangers of keeping important private keys on a single device.
Leave a Reply
You must be logged in to post a comment.