Humanity Protocol says compromised admin keys led to $36M exploit

Humanity Protocol has disclosed that more than $36 million worth of H tokens have been stolen after attackers compromised multiple administrative keys and seized control of bridge infrastructure across Ethereum and BNB Smart Chain.

According to Humanity Protocol’s June 9 incident update, the attack originated after an employee’s laptop was compromised, allowing the attacker to gain access to key holders tied to the project’s bridge administration systems.

The disclosure expands on an earlier statement from Humanity founder and CEO Terence Kwok, who had confirmed that private keys belonging to a Humanity Foundation member were compromised. 

At the time, the project warned users to avoid the Humanity bridge and related liquidity pools while an investigation was underway.

Compromised bridge controls enabled token theft and minting

Details released by Humanity Protocol show that three of six Gnosis Safe owner keys controlling the Hyperlane bridge ProxyAdmin on Ethereum were compromised. Using those credentials, the attacker transferred ownership of the ProxyAdmin contract to a wallet under their control, upgraded the bridge contract to a malicious implementation, and moved about 141.2 million H tokens in a single transaction.

On BNB Smart Chain, the attacker compromised three of five Safe owner keys and carried out a similar takeover of the bridge’s ProxyAdmin contract. Humanity Protocol said the attacker then deployed a malicious contract containing an unlimited mint function and created 200,000,005 H tokens in two separate transactions.

Earlier on June 9, on-chain analyst Specter reported that more than 17 wallets connected to or interacting with Humanity Protocol had been drained. Initial estimates placed losses near $19 million before later blockchain trackers raised the figure above $30 million.

Blockchain monitoring data cited by Specter showed that the attacker sold a portion of the stolen tokens and converted part of the proceeds into Ethereum. According to the analyst’s Telegram update, roughly $23.7 million had been swapped into ETH, while about $7.9 million remained in H tokens.

Separate monitoring from Blockaid had suggested the attacker obtained proxy administrator rights on BNB Smart Chain and minted 100 million H tokens. Humanity Protocol had not confirmed that claim at the time, though the latest incident report now confirms that the attacker gained administrative control and minted additional H on the network.

Team working with exchanges and law enforcement

In its latest statement, Humanity Protocol said deposits and withdrawals through the affected bridges have been halted while response efforts continue.

The project said it is coordinating with exchanges and other parties to reduce further damage. Alongside an internal investigation, Humanity Protocol said it is also working with police authorities in an effort to investigate the breach and recover some of the stolen funds.

Before the latest technical breakdown was published, Kwok said the team was working with security specialists and exchange partners. No reimbursement plan or recovery framework had been announced at that stage.

Market reaction to the exploit was severe, with the protocol’s native token plummeting over 90% in the aftermath.

Source: crypto.news

Humanity Protocol operates a zkEVM-based identity network that uses zero-knowledge proofs and palm biometrics to verify users without storing their personal information in centralized identity databases.

The team said a full post-mortem report will be released once the investigation progresses further.