Humanity Protocol Hack Drains $36M After Compromised Laptop Exposes Bridge Keys

Humanity Protocol lost more than $36 million in H tokens on June 8 after a hacker compromised an employee's laptop and seized control of the project's cross-chain bridge. The attacker controlled three of six Ethereum keys and three of five BNB Chain keys, drained approximately 141.2 million H tokens, and minted roughly 200 million new tokens before the team responded. The breach exploited a compromised endpoint where multiple bridge signing keys were stored, allowing the hacker to transfer ownership of bridge contracts and install malicious code.

Hacker Seizes Bridge Control and Drains 141.2 Million H Tokens

The attack hit both Ethereum and BNB Chain in a coordinated operation. On Ethereum, the hacker controlled three of six Gnosis Safe owner keys; on BNB Chain, three of five. That threshold was sufficient to transfer ownership of the bridge contracts to an attacker-controlled wallet and swap the bridge code for a malicious version.

With control established, the attacker drained about 141.2 million H in a single Ethereum transaction. On BNB Chain, the hacker installed code containing an unlimited mint function and minted roughly 200 million new H tokens directly to their own wallet. Security firm Blockaid identified the attacker obtaining proxy administrator rights and minting the additional supply.

H Token Crashes 85% as Humanity Protocol Halts Bridge

The H token collapsed after the breach, falling from a Monday high near $0.73 to lows around $0.12, a drop of more than 85%. Humanity Protocol halted all bridge deposits and withdrawals. The team is coordinating with exchanges, security partners, and law enforcement on investigation and asset recovery, with a full post-mortem promised.

CEO Confirms Endpoint Breach, Investigators Rule Out Insider Theft

Humanity Protocol founder and chief executive Terence Kwok confirmed the cause was a compromised endpoint, not a smart-contract flaw. "This was a result of a breach that happened after an employee's laptop was compromised," Kwok stated. The team had set up its multisig across four individuals, but Kwok said the team suspects some of the signing keys were accidentally backed up to the same compromised device during setup — meaning one endpoint exposed multiple approvals that a multisig is designed to keep separate.

On-chain investigator ZachXBT and analyst Specter tracked the stolen funds and ruled out insider theft.
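
The co-location failure described above can be checked for before an incident. The following is an added example, not code from Humanity Protocol or the article: it takes an inventory of every device holding a copy of each signer key and reports how many endpoints must be compromised to reach the signing threshold. The thresholds follow the article; the Safe, key and device names are hypothetical.

```python
from itertools import combinations

# Constructed inventory: every location where each signer key exists, backups
# included. Thresholds follow the article (3-of-6, 3-of-5); the Safe, key and
# device names are hypothetical.
SAFES = {
    "ethereum-bridge": {"threshold": 3, "keys": {
        "eth-1": {"laptop-A"},
        "eth-2": {"hw-B", "laptop-A"},  # backup copied during setup
        "eth-3": {"hw-C", "laptop-A"},  # backup copied during setup
        "eth-4": {"hw-D"}, "eth-5": {"hw-E"}, "eth-6": {"hw-F"},
    }},
    "bnb-bridge": {"threshold": 3, "keys": {
        "bnb-1": {"laptop-A"},
        "bnb-2": {"hw-B", "laptop-A"},
        "bnb-3": {"hw-C", "laptop-A"},
        "bnb-4": {"hw-D"}, "bnb-5": {"hw-E"},
    }},
}

def min_endpoints_to_threshold(keys, threshold):
    """Smallest set of devices whose compromise exposes >= threshold keys.

    Returns (count, devices), or (None, ()) if no set of devices suffices.
    """
    devices = sorted(set().union(*keys.values()))
    for n in range(1, len(devices) + 1):
        for combo in combinations(devices, n):
            exposed = sum(1 for locs in keys.values() if locs & set(combo))
            if exposed >= threshold:
                return n, combo
    return None, ()

def audit(safes):
    """Compare each Safe's nominal threshold with its endpoint-level one."""
    report = {}
    for name, safe in safes.items():
        n, combo = min_endpoints_to_threshold(safe["keys"], safe["threshold"])
        report[name] = {"nominal": safe["threshold"], "effective": n,
                        "devices": combo,
                        "ok": n is not None and n >= safe["threshold"]}
    return report

def one_device_per_key(safes):
    """Same Safes with every key confined to its own single device."""
    return {name: {"threshold": s["threshold"],
                   "keys": {k: {f"hw-{k}"} for k in s["keys"]}}
            for name, s in safes.items()}
```

On the constructed inventory both Safes report an effective threshold of one endpoint against a nominal three; with each key confined to its own device the effective threshold matches the nominal one.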

FAQ

What happened to Humanity Protocol on June 8?
A hacker compromised an employee's laptop, seized control of the project's cross-chain bridge by obtaining three of six Ethereum keys and three of five BNB Chain keys, drained approximately 141.2 million H tokens, and minted roughly 200 million new tokens.

Why did the H token price crash after the hack?
The H token fell more than 85%, from a Monday high near $0.73 to lows around $0.12, after the breach was disclosed and Humanity Protocol halted all bridge deposits and withdrawals.

How did the attacker gain control of the bridge keys?
CEO Terence Kwok confirmed the breach resulted from a compromised employee laptop. The team suspects multiple bridge signing keys were accidentally backed up to the same compromised device during multisig setup, exposing approvals that should have remained separate.
