Humanity Protocol’s $36M hack tied to suspected North Korean hackers: Quantstamp
Humanity Protocol’s $36 million token theft was linked to a phishing attack that likely involved North Korea-affiliated hackers. A compromised employee laptop was infected via a fake email posing as a Bithumb token lockup schedule update. The malware reportedly gave attackers remote access and allowed them to steal MetaMask credentials and private keys tied to Humanity Protocol director Chong Yee Wai. Quantstamp said the malware used a South Korean Hancom digital certificate, a pattern associated with DPRK intrusions. The case adds to a broader wave of North Korea-linked crypto thefts. Recent reports say DPRK actors were tied to most of the $634 million stolen in crypto incidents in April and to roughly $2 billion of the $3.4 billion lost in 2025 so far. Over the past decade, they are estimated to have stolen about $6.75 billion in crypto across 263 incidents.
