Humanity Protocol: H Token Exploit Traced to Compromised Developer Device

Humanity Protocol said the exploit that struck its H token late Monday stemmed from a developer machine that had been compromised, exposing multiple private keys linked to the project's token and bridge infrastructure. In a post-mortem update, the team said malware on a colleague's computer gave the attacker root access. During Humanity Protocol's mainnet launch around June 2025, several production keys were inadvertently backed up to that device, including an admin hot-wallet key, three Ethereum Safe owner keys, and three BSC Safe owner keys.

The incident impacted H on Ethereum and BSC between June 8 and June 9. Humanity said the attacker first stole about 6 million H from an Ethereum admin hot wallet, then drained roughly 141 million H from the Ethereum bridge after taking control of its ProxyAdmin. On BSC, the attacker minted 300 million H after compromising three Safe owner keys associated with the BSC token's ProxyAdmin.

Humanity estimated the total impact at about 447 million H across both chains, covering the direct Ethereum theft, the bridge drain, and the newly minted BSC supply. The team added that 15 million H initially moved into the Ethereum bridge was already included in the 141 million H drain figure and should not be counted separately.

Humanity said the BSC side is the most severe. The attacker still controls the BSC token's ProxyAdmin, allowing continued minting, pausing, or draining of tokens. The project described the BSC H token as unrecoverable and said it should be treated as permanently compromised.

On Ethereum, the H token itself was frozen after the incident by a clean 4-of-7 Safe. Humanity said the Ethereum token ProxyAdmin remains under clean Safe control. The canonical Arbitrum bridge was not affected and still holds roughly 87 million H.

The team emphasized the exploit was not driven by a vulnerability in Humanity's smart contracts, bridge code, or Safe configuration. Instead, the attacker used legitimate private keys to authorize transfers, Safe transactions, proxy upgrades, bridge drains, and token mints.

Humanity said it is investigating when access was first obtained, how the malware infected the device, and how long the attacker held the keys before executing the exploit. The project has engaged external security experts for forensic work and is preparing a recovery program for affected users.

H fell more than 90% late Monday into early Tuesday, then rebounded more than 100% by Tuesday morning. The token was recently trading near $0.21, still down nearly 70% from its pre-exploit level of about $0.68.