Overview
- Humanity Protocol said on June 9 that attackers gained control of admin keys after an employee laptop was compromised and seized ProxyAdmin rights on Ethereum and BNB Smart Chain.
- Attackers drained about 141.2 million H on Ethereum and minted 200,000,005 H on BSC, with Humanity estimating total losses at roughly $36 million.
- On-chain trackers reported the exploiter sold large amounts of H for ETH and BNB, pushing the H token down about 80–90% and leaving thin liquidity for further sales.
- The team has halted deposits and withdrawals on the affected bridges and is working with exchanges, security firms and law enforcement while promising a full post-mortem but offering no reimbursement plan yet.
- Security analysts say the incident shows how single-device key backups and centralized bridge admin points create major operational risk, a pattern behind several large 2026 DeFi losses.