HomeEverythingEducationTV
Equities & FundsCrypto & Digital AssetsAI & TechnologyBusiness & CorporateUS Politics & PolicyGeopolitics & Global RiskMacro, Rates & FXCommodities & EnergyEuropean Politics & MarketsAsia-PacificReal Estate & Property
Story archiveAll categories
← All Stories

Humanity Protocol to bolster security after $36M hack linked to employee laptop

Created at 14 Jul · 1:16 PM1 source↑ Market-relevant
IN SHORT

Humanity Protocol will enhance its operational security measures following a $36 million exploit traced to a compromised employee laptop. The incident highlights a shift in hacker tactics towards exploiting human behavior and operational failures over smart contract vulnerabilities.

✉Newsletter

PiQ Daily

Pick your topics. Get only what matters, on your cadence.

Key Numbers

$36 millionHumanity Protocol exploit loss
$211 millionHumanity token market cap
$578 millioncrypto stolen by North Korea-linked actors in April
$1.32 billioncrypto losses in H1 2026
$1.4 billionBybit hack in early 2025

Who's Involved

Humanity Protocol
decentralized identity company that suffered a $36 million exploit
Terence Kwok
Founder of Humanity Protocol
Quantstamp
Blockchain security company that investigated the exploit
Bithumb
South Korean cryptocurrency exchange

↳ Why This Matters

The incident at Humanity Protocol underscores a critical shift in the threat landscape for cryptocurrency projects, emphasizing that even robust smart contract security can be undermined by operational failures and social engineering, potentially leading to significant financial losses.

Key facts

  • Humanity Protocol lost $36 million in an exploit linked to a compromised employee laptop.
  • Production keys, including admin hot wallet and multisig owner keys, were inadvertently backed up on the laptop.
  • The exploit is suspected to involve North Korea-linked threat actors.
  • The attack vector involved a phishing email delivering malware disguised as a Bithumb update.
  • Humanity Protocol's founder stated operational security is as critical as smart contract security.

Humanity Protocol is enhancing its operational security measures following a $36 million exploit that occurred in June. The breach was traced to a compromised employee laptop containing inadvertently backed-up production keys, including admin hot wallet and multisig owner keys. Terence Kwok, founder of the decentralized identity company, stated that this incident underscores the critical importance of operational security, which is as vital as smart contract security.

The exploit highlights a growing trend where malicious actors are shifting their focus from exploiting smart contract code to targeting human behavior and operational vulnerabilities. Blockchain security firm Quantstamp identified the attack vector as a phishing email that delivered malware disguised as a token lockup schedule update from South Korean exchange Bithumb. This malware granted attackers remote access to the employee's machine.

North Korea-linked threat actors are suspected to be behind the attack. These groups have been linked to a significant portion of cryptocurrency theft, including at least $578 million in April alone. While overall crypto losses from hacks have decreased year-on-year in the first half of 2026, security firms caution that this is partly due to a large Bybit hack in early 2025 and that state-sponsored actors continue to pose a substantial threat to the industry. The Drift Protocol and KelpDAO exploits in the second quarter of 2026 were also widely attributed to these actors.

Frequently asked questions

Humanity Protocol lost $36 million in cryptocurrency during the exploit.

A compromised employee laptop containing sensitive production keys allowed attackers to gain access.

North Korea-linked threat actors are suspected, based on the methods used.

The company learned that operational security is as critical as smart contract security.

What Happens Next

01Humanity Protocol will rebuild its systems with a focus on operational security.
02Further investigations into the North Korea-linked threat actors may continue.

Get the newsletter.

Pick the topics you actually care about. We'll email when there's news worth your time, on the cadence you choose. Cancel any time from your account.

Cadence

How It Developed

Humanity Protocol experienced a $36 million exploit due to a compromised employee laptop.
The exploit involved inadvertently backed-up production keys, including admin hot wallet and multisig owner keys.
North Korea-linked threat actors are suspected, using malware delivered via a phishing email disguised as a Bithumb update.
Phishing and wallet compromises are increasing attack vectors in the cryptocurrency space.
Overall crypto losses from hacks fell year-on-year in H1 2026, but significant exploits persist.
Humanity Protocol's founder emphasized the critical importance of operational security alongside smart contract security.

Sources

T1
Humanity Protocol to prioritize operational security following $36M hackHumanity Protocol’s founder said they will refocus on operational security, as malicious actors are switching from smart contract vulnerabilities to exploiting human behavior.Cointelegraph

Related Stories

EthSystems launches to bring blockchain privacy tech to banks
14 Jul · 2:36 PM
Binance.US CEO aims for 20% market share as exchange rebuilds
13 Jul · 8:31 PM
US spot Bitcoin ETFs see $425M outflow, largest in July
14 Jul · 8:36 AM
New Hampshire Enacts Blockchain Basic Laws, Bolstering Crypto Innovation
13 Jul · 9:00 PM
US government moves $297M in seized Bitcoin, Ether to Coinbase Prime
14 Jul · 3:41 AM