Humanity Protocol to Prioritize Operational Security following $36M Hack

Share This Post

Humanity Protocol will refocus its cybersecurity efforts on operational security following a June $36 million exploit that was traced back to a compromised employee laptop, according to the founder of the decentralized identity company, Terence Kwok.

In an interview with Cointelegraph, Kwok said that the exploit stemmed from last year’s mainnet launch, when several production keys were inadvertently backed up onto the laptop that was compromised, including admin hot wallet keys and a quorum of multisig owner keys across both chains.  He said:

“The hard lesson here is that operational security is as critical as smart-contract security, and we’re rebuilding accordingly.”

The exploit and Humanity Protocol’s action highlight an increase in cryptocurrency hackers refocusing their attacks on staff-level vulnerabilities and operational shortcomings, rather than exploiting smart contract code.

Humanity Protocol was exploited last month, when a compromised employee’s laptop enabled attackers to steal $36 million in Humanity (H) tokens. The token’s current market cap is roughly $211 million, according to CoinMarketCap data.

Blockchain security company Quantstamp said that the malicious attachment that was delivered through a phishing email pointed to the involvement of North Korea-linked threat actors. The malicious attachment was disguised as a token lockup schedule update from South Korean cryptocurrency exchange Bithumb and installed malware, giving attackers remote access to the machine.

The phishing email that led to the Humanity Protocol compromise.
Source: Quantstamp

North Korea-linked threat actors were tied to at least $578 million of the $634 million stolen in crypto-related incidents in April alone. 

Related: AI has not triggered DeFi ‘hackpocalypse,’ Dragonfly partner says

Phishing and wallet compromises lead attack vectors in H1 2026

The Humanity Protocol exploit occurred during a resurgence of cryptocurrency exploits that stemmed from operational failures and social engineering schemes.

Phishing drove the majority of the first quarter losses for a total of $508 million, while wallet compromises emerged as the biggest attack vector in the second quarter, contributing $807 million in losses, according to blockchain security company CertiK.

Monthly change in crypto exploit amounts and number of incidents across H1. Source: CertiK 

To be sure, crypto losses to hacks fell 46.8% year-on-year to $1.32 billion in the first half of 2026, but CertiK said that the drop was misleading due to the $1.4 billion Bybit hack in early 2025 and stressed that North Korean malicious actors continue threatening the crypto industry.

During the second quarter of 2026, more than 70% of the losses stemmed from the Drift Protocol and KelpDAO exploits, which were also widely attributed to North Korean state-sponsored hackers.

Magazine: Does Botanix’s failure prove Bitcoiners don’t care about DeFi? 

Related Posts

The Clarity Act isn’t a ticket to sanctions evasion, actually

Ironically, some critics of the bill have pointed to...

Dragonfly Pushes Back on DeFi AI ‘Hackpocalypse’ Fears

Fears that artificial intelligence would trigger a wave of...

Binance bets on becoming a crypto ‘super app’ as stablecoins reshape growth

Binance believes its next phase of growth will come...

CleanSpark Signs $6.6 Billion Data Center Lease As Bitcoin Miner Pivots To Compute

CleanSpark, the Nasdaq-listed bitcoin miner, said on...

ABA, Banking Associations Push Back Against CLARITY Act Yield Provisions

A wide swath of the US banking industry is...

Mizuho turns bearish on stablecoin issuer Circle, citing Open USD competition

Japanese investment bank Mizuho downgraded Circle (CRCL) to underperform...