All Crypto Blogs

Humanity Protocol to prioritize operational security following $36M hack

cointelegraph.com · Jul 14, 2026 at 13:08

Humanity Protocol to prioritize operational security following $36M hack
cointelegraph.com Jul 14, 2026

Humanity Protocol’s founder said they will refocus on operational security, as malicious actors are switching from smart contract vulnerabilities to exploiting human behavior.

Humanity Protocol will refocus its cybersecurity efforts on operational security following a June $36 million exploit that was traced back to a compromised employee laptop, according to the founder of the decentralized identity company, Terence Kwok.

In an interview with Cointelegraph, Kwok said that the exploit stemmed from last year’s mainnet launch, when several production keys were inadvertently backed up onto the laptop that was compromised, including admin hot wallet keys and a quorum of multisig owner keys across both chains.  He said:

The exploit and Humanity Protocol’s action highlight an increase in cryptocurrency hackers refocusing their attacks on staff-level vulnerabilities and operational shortcomings, rather than exploiting smart contract code.

Humanity Protocol was exploited last month, when a compromised employee’s laptop enabled attackers to steal $36 million in Humanity (H) tokens. The token’s current market cap is roughly $211 million, according to CoinMarketCap data.

Blockchain security company Quantstamp said that the malicious attachment that was delivered through a phishing email pointed to the involvement of North Korea-linked threat actors. The malicious attachment was disguised as a token lockup schedule update from South Korean cryptocurrency exchange Bithumb and installed malware, giving attackers remote access to the machine.

The phishing email that led to the Humanity Protocol compromise.Source: Quantstamp

North Korea-linked threat actors were tied to at least $578 million of the $634 million stolen in crypto-related incidents in April alone. 

Related: AI has not triggered DeFi ‘hackpocalypse,’ Dragonfly partner says

The Humanity Protocol exploit occurred during a resurgence of cryptocurrency exploits that stemmed from operational failures and social engineering schemes.

Phishing drove the majority of the first quarter losses for a total of $508 million, while wallet compromises emerged as the biggest attack vector in the second quarter, contributing $807 million in losses, according to blockchain security company CertiK.

Monthly change in crypto exploit amounts and number of incidents across H1. Source: CertiK 

Source

This article is syndicated for educational reading. For the latest updates, visit the original publisher.

Read on cointelegraph.com

Recently Used