Humanity Protocol Says Compromised Laptop Led to $36 Million Token Bridge Hack

Humanity Protocol has revealed that a compromised employee laptop was likely responsible for a major security breach that resulted in the loss of more than $36 million in H tokens. The attack affected the project’s token bridges on both Ethereum and BNB Chain.

According to the protocol, attackers gained access to three of six Gnosis Safe multisignature owner keys, giving them control over bridge administration. Once access was obtained, the attackers upgraded bridge contracts with malicious versions.

On Ethereum, approximately 141.2 million H tokens were drained. On BNB Chain, the attackers added a function that allowed unlimited token creation and minted 200 million new tokens directly to wallets under their control.

Founder Explains How the Attack Happened

Humanity Protocol founder Terence Kwok said the project had multisignature controls distributed among four individuals. However, some keys may have been accidentally backed up to a compromised device during the setup process.

Kwok explained that Humanity uses a licensed custodian for most of its token treasury and MPC technology for operational funds, but certain contract keys were initially created in one location before being distributed.

Investigators Examine Possible Planning Behind Attack

Blockchain investigator ZachXBT initially questioned whether market-maker and OTC activity was connected to the exploit. After further review, he said the trading activity appeared unrelated to the private key compromise.

Cyvers security expert Hakan Unal noted that both genuine hacks and insider incidents can appear similar onchain. However, unusual timing, token unlocks, or links to team-connected wallets can raise additional questions.

Meanwhile, Allium Labs researcher Elton Shehdula said wallets involved in the attack were funded weeks earlier and that activity across both chains suggested a highly coordinated operation. Following the breach, Humanity Protocol’s H token plunged more than 85%, while the team halted bridge operations and began recovery efforts.