Quantstamp Links North Korean Hackers to $36M Humanity Protocol Exploit

yesterday / 22:30 2 sources negative

Key takeaways:

  • North Korean hackers’ shift to phishing exposes crypto’s vulnerability to social engineering, not just code exploits.
  • The H token’s 80% plunge exemplifies extreme downside risk from poor key management in altcoins.
  • Attackers’ unlimited H minting on BSC threatens token price recovery with persistent sell pressure.
H H $0.27 +24.66%

Blockchain security firm Quantstamp has released its investigation into the June 8 security breach of the Humanity (H) token, attributing the attack to North Korean state-sponsored hacking groups. The report details a sophisticated phishing campaign that compromised a developer's device, leading to the theft of approximately 141 million H tokens worth around $36 million at the time.

How the Attack Unfolded

According to Quantstamp, attackers gained remote access to an executive’s machine via a targeted phishing email. The device contained backups of seven private keys—including an admin hot wallet key, three Ethereum Safe owner keys, and three BNB Safe owner keys—that had been inadvertently stored there since Humanity Protocol’s mainnet launch in June 2025. Using these valid credentials, the hackers were able to upgrade the H token contract on Ethereum, drain roughly 141 million tokens from the bridge, and later seize proxy administrator privileges on the BNB Smart Chain to mint an unlimited number of additional H tokens. In total, approximately 447 million tokens were affected across both chains.

North Korea Attribution

Quantstamp identified specific tools, certificate-signing patterns, and operational security methods consistent with prior attacks by groups like the Lazarus Group. This aligns with a broader pattern of North Korean cyber operations targeting the crypto sector to fund the regime, as documented by the United Nations and cybersecurity firms.

Impact on the H Token

The breach triggered a sharp sell-off, with the H token losing between 80% and 90% of its value shortly after disclosure. While the price partially recovered to around $0.214 by June 13, it remained down approximately 74% over the week. Humanity Protocol stressed that no smart contracts, bridges, or Safe architecture were exploited—the incident resulted solely from stolen private keys. The event underscores the critical importance of hardware wallet usage, multi-signature governance, and strict isolation of sensitive credentials from production environments.

Previously on the topic:
Jun 9, 2026, 10:06 a.m.
ZachXBT Concludes Humanity Protocol Hack Was External, Not Insider Theft
H H Humanity $0.27 +24.66%
Massive 80–90% crash after state‑sponsored hack destroyed trust. Partial bounce to $0.214 signals dead‑cat pattern; further sell‑offs likely as confidence evaporates, long‑term recovery doubtful without radical security overhaul.
Sources
Quantstamp Investigation Links H Token Exploit to North Korean Hackers
bitcoinworld.co.in 12.06.2026 19:10
Humanity Protocol blames North Korea-linked hackers for $36M theft
crypto.news 12.06.2026 22:06
Top Today
yesterday / 17:18 11 sources
Bybit, Binance, Bitget Cancel SpaceX IPO Tokenized Offerings and Refund Users
SPCXX
SPCXB
yesterday / 16:12 5 sources
Analysts Spotlight Altcoins Poised for Gains as 2026 Altseason Anticipation Builds
ENA ENA $0.07795 -1.04%
SUI SUI $0.76 +0.62%
APT APT $0.65 +0.43%
RAY RAY $0.60 +1.27%
CRV CRV $0.24 -7.37%
yesterday / 16:05 6 sources
Exodus and Ondo Finance Launch Tokenized Stock Trading on Solana
EXOD
SOL SOL $67.37 +0.94%
ONDO ONDO $0.36 -1.75%
yesterday / 15:23 6 sources
Sam Bankman-Fried Loses Appeal as U.S. Court Upholds FTX Fraud Conviction
yesterday / 13:58 5 sources
AFX Hires Industry Veteran Ken C as Head of Growth to Drive Global Expansion
yesterday / 12:31 7 sources
SHIB Burn Rate Surges 883% as Price Bounces Off Critical Support
SHIB SHIB $0.000004878 +0.80%
yesterday / 12:27 5 sources
SpaceX IPO and Iran Peace Hopes Lift US Futures, Cool Inflation Fears
Disclaimer

The content on this website is provided for information purposes only and does not constitute investment advice, an offer, or professional consultation. Crypto assets are high-risk and volatile — you may lose all funds. Some materials may include summaries and links to third-party sources; we are not responsible for their content or accuracy. Any decisions you make are at your own risk. Coinalertnews recommends independently verifying information and consulting with a professional before making any financial decisions based on this content.