Humanity Protocol to prioritize operational security following $36M hack

Summary

Humanity Protocol will shift more of its cybersecurity focus to operational security after a June exploit that stole $36 million in H tokens. Founder Terence Kwok said the breach came from a compromised employee laptop that contained backed-up production keys from the mainnet launch, including admin hot wallet keys and multisig owner keys across both chains. He said operational security is as critical as smart-contract security. The attack reflects a broader trend in crypto: hackers are increasingly targeting employees, phishing, and wallet compromises instead of smart contracts. Quantstamp said the phishing email used a fake Bithumb token lockup update and installed malware, with signs pointing to North Korea-linked actors. CertiK reported phishing dominated Q1 losses and wallet compromises led Q2 losses. North Korean-linked groups remain a major threat to crypto security.