Key facts
- Quantstamp suggests North Korean-linked actors are behind the Humanity Protocol hack.
- The hack resulted in the theft of $36 million.
- Attackers used a phishing email disguised as a Bithumb update.
- The phishing email contained a malicious attachment.
- The hack led to the theft of tokens.
- The hack also granted remote access to a compromised employee's laptop.
Blockchain security firm Quantstamp has identified North Korean-linked actors as the perpetrators behind the $36 million hack of Humanity Protocol. The security firm's analysis indicates that the attackers employed a sophisticated phishing campaign to achieve their objective. This campaign involved sending a fraudulent email that appeared to be an official update from the cryptocurrency exchange Bithumb. The malicious email contained an attachment that, when opened by an employee, not only led to the theft of tokens but also granted the hackers remote access to the compromised employee's laptop. This dual-pronged approach allowed the attackers to infiltrate Humanity Protocol's systems and facilitate the large-scale theft of digital assets. The incident highlights the persistent threat posed by state-sponsored hacking groups in the cryptocurrency space.