PANews reported on June 14 that Humanity released an independent investigation report by Quantstamp, which revealed that in the H token security incident, attackers used tools and methods characteristic of North Korean hackers. They communicated via phishing emails posing as the Bithumb exchange, tricking project directors into clicking malicious attachments, thereby deploying remote control Trojans on their devices and ultimately gaining complete desktop control and wallet private keys. Subsequently, they launched on-chain attacks on Ethereum and BNB Chain: on the Ethereum side, they upgraded the contract by stealing keys and transferred approximately 141.18 million H tokens; on the BSC side, they took over the ProxyAdmin contract and minted new tokens. The stolen assets were then continuously dumped on Uniswap and PancakeSwap for about 8 hours, causing a significant impact on liquidity and market prices.

Currently, the H token contract on the Ethereum side has been frozen. The mainnet bridge is unaffected, but the BSC deployment has been taken over by the attackers and they still have minting privileges. The team is working with exchanges and security parties to advance subsequent handling and recovery plans. At the same time, users are reminded to be wary of fake "compensation/claim" links, and the team stated that it will release further updates through official channels.

Previously, it was reported that Humanity Protocol was attacked, and the private key of a Humanity Foundation member was leaked, resulting in the theft of more than $31 million.