Humanity Protocol H Token Falls 85% After $30M Key Breach
H token tumbled 85% to $0.08 after attackers used a compromised private key to drain over $30 million from addresses linked to the Humanity Foundation.
The H token of Humanity Protocol fell 85% on Tuesday after attackers used a compromised private key tied to a Humanity Foundation member to drain more than $30 million, moving the price from about $0.70 to $0.08 over roughly 12 hours. Terence Kwok, founder and CEO of Humanity Protocol, announced the incident and wrote that the team had “detected a security incident involving the compromise of private keys belonging to a member of the Humanity Foundation.” The message urged users not to interact with the protocol’s bridge or any liquidity pools until they are declared safe and noted the team was working with security experts. On-chain investigators reported wallets linked to, or that previously interacted with, Humanity Protocol were being compromised in an ongoing attack. Analytics firms tracking the flows observed the exploiter routing large H-token swaps through automated market makers and aggregators, including Kyber Network and PancakeSwap, as the attacker converted stolen tokens. Records traced by on-chain trackers indicate the exploiter moved more than $30 million worth of H tokens. Rapid sell orders coincided with the steep price drop over about a 12-hour period. Humanity Protocol operates as a zkEVM blockchain-based decentralized identity project focused on Proof of Humanity and uses palm biometric data with privacy-preserving methods to verify users. The native H token is used across the network and in liquidity pools and bridges that facilitate transfers of the asset. The developer advisory to avoid bridges and pools reflected concerns that private keys tied to protocol administration or user interactions may have been exposed, enabling the attacker to move funds across on-chain markets. Humanity’s leadership has not released a detailed forensic timeline or a list of compromised addresses. Investigators continue to trace on-chain flows to determine the full scope of the breach. Private key compromises have increased this year. A high-profile April incident involved attackers taking control of admin keys at another protocol and resulting in $280 million in losses. Other projects that reported key or wallet-related losses this year include Step Finance, Resolv, Volo Vault, Echo Bridge, Bankr, Polymarket, StablR, Stake DAO, Gravity Bridge and Aelphium Bridge. Security firm reports showed wallet or private key compromises were the second-most costly attack vector in May, with about $13.7 million in stolen value that month.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.
Articles by this author
