Humanity Protocol Security Breach: The Cost of a Phishing Attack

Humanity Protocol recently disclosed the details of a devastating security breach that led to the compromise of its $H$ token on June 8. A sophisticated phishing campaign targeted a high-level director, resulting in stolen private keys and the unauthorized manipulation of smart contracts across multiple blockchains. The fallout has forced the project to freeze its Ethereum operations and permanently abandon its deployment on the BNB Chain.

A Sophisticated Social Engineering Scheme

The breach originated from a deceptive phishing email that impersonated the Bithumb cryptocurrency exchange, a platform the targeted director had been in contact with. By opening a malicious attachment, the director unknowingly installed remote-access malware that bypassed traditional endpoint security measures. This granted attackers full desktop control, allowing them to extract wallet data and private keys directly from the device. An independent investigation by Quantstamp noted that the malware's signatures were characteristic of North Korean-linked (DPRK) cyber activities.

Market Devastation and Strategic Shutdowns

Once in control of the administrative credentials, the attackers upgraded Ethereum contracts to move over 140 million tokens and took control of ProxyAdmin contracts on the BNB Smart Chain. This enabled them to mint an unlimited supply of new $H$ tokens, which were subsequently dumped into liquidity pools on Uniswap and PancakeSwap. The resulting eight-hour selling spree triggered a total collapse in the token's market price and severely damaged liquidity for all holders. While the team successfully froze the Ethereum contract using a clean multisig wallet, the BNB Chain deployment remains under attacker control. Consequently, the project has officially abandoned the BNB Chain deployment as the attacker retains the ability to continue minting tokens indefinitely.