OpSec 101: Humanity Protocol Learns the Hard Way That Laptops Aren't Safes 🗝️
Back to feed

OpSec 101: Humanity Protocol Learns the Hard Way That Laptops Aren't Safes 🗝️

Humanity Protocol is overhauling its operational security after a June exploit drained $36 million in Humanity (H) tokens through a compromised employee laptop, founder Terence Kwok told Cointelegraph. The breach stemmed from last year's mainnet launch, when production keys—including admin hot wallet keys and a quorum of multisig owner keys across both chains—were inadvertently backed up onto the device. "The hard lesson here is that operational security is as critical as smart-contract security, and we're rebuilding accordingly," Kwok said. H currently has a market capitalization of roughly $211 million, per CoinMarketCap data.

Blockchain security firm Quantstamp traced the intrusion to a phishing email disguised as a token lockup schedule update from South Korean exchange Bithumb. The malicious attachment installed malware that gave attackers remote access to the machine, and Quantstamp said the tactics pointed to North Korea-linked threat actors. North Korea-affiliated hackers were tied to at least $578 million of the $634 million stolen in crypto-related incidents in April alone, underscoring the threat.

The incident fits a broader pattern of crypto exploits shifting from smart contract code to staff-level vulnerabilities. Phishing accounted for $508 million in losses during the first quarter, while wallet compromises became the dominant attack vector in the second quarter, contributing $807 million, according to blockchain security company CertiK. More than 70% of second-quarter losses stemmed from the Drift Protocol and KelpDAO exploits, also widely attributed to North Korean state-sponsored hackers.

Overall crypto losses to hacks fell 46.8% year-on-year to $1.32 billion in the first half of 2026, though CertiK cautioned the decline is misleading because of the $1.4 billion Bybit hack in early 2025. The firm stressed that North Korean actors continue to pose a persistent threat to the industry, and Humanity Protocol's response highlights how operational security failures—not just code vulnerabilities—remain a leading entry point for sophisticated attackers.

Mentioned Coins

$H
Share:
Publishercryptonewsroom.xyz
Published
CategorySecurity

Disclaimer: This content is for information and entertainment purposes only. It does not constitute financial, investment, legal, or tax advice. Always do your own research and consult with qualified professionals before making any financial decisions.

See our Terms of Service, Privacy Policy, and Editorial Policy.