TheCryptoUpdates
Crypto Scams

Humanity Protocol shifts focus after $36M employee laptop hack

Humanity Protocol, a decentralized identity company, plans to prioritize operational security after losing $36 million in a June exploit. The incident, founder Terence Kwok explained in an interview, traced back to a compromised employee laptop that held critical keys from the mainnet launch last year.

The Backstory

According to Kwok, when the mainnet launched, several production keys were inadvertently backed up onto that laptop. These included admin hot wallet keys and a quorum of multisig owner keys across both chains. The attacker, who gained access through a phishing email, used them to steal Humanity (H) tokens.

Blockchain security firm Quantstamp linked the phishing attack to North Korea-related threat actors. The malicious email was disguised as a token lockup schedule update from South Korea’s Bithumb exchange. Once the attachment was opened, it installed malware and gave attackers remote control over the machine. The token’s current market cap sits around $211 million, per CoinMarketCap.

Operational Vulnerabilities on the Rise

This exploit is part of a broader trend. Hackers increasingly target staff-level weaknesses and operational gaps rather than flaws in smart contract code. In April alone, North Korea-linked actors were tied to roughly $578 million of the $634 million stolen in crypto-related incidents.

Phishing drove most first-quarter losses at $508 million, according to CertiK. In the second quarter, wallet compromises became the biggest attack vector, contributing $807 million. Overall, crypto losses from hacks dropped 46.8% year-on-year to $1.32 billion in the first half of 2026. But CertiK cautioned that this drop is misleading because the $1.4 billion Bybit hack happened in early 2025. They stressed that North Korean hackers remain a serious threat.

What Happens Next

Humanity Protocol now aims to tighten operational security. The company will review how keys are stored and ensure sensitive data does not end up on personal devices. Other firms, I think, might want to do the same. The Drift Protocol and KelpDAO exploits in Q2 2026—also blamed on North Korean hackers—showed just how costly a single compromised endpoint can be.

Loading

Related posts

CZ criticizes Etherscan for address poisoning scams, promotes Trust Wallet filters

Timm

iCloud Hacker Demands $175,000 Ransom to be Paid in Bitcoin

Kesarwani

Coincheck of Japan Goes Live on Launching OTC Trading Desk

Kesarwani