Particle.news

Humanity Protocol Moves Toward Enterprise AI After $36M Key‑Compromise Hack

A developer laptop breach defeated multisig protections, forcing a token migration that will test exchanges’ compensation and recovery plans.

Overview

  • Attackers obtained private keys from a compromised developer laptop and used them to control multisig wallets, draining about 141 million H tokens and minting extra supply across chains for roughly $30–$36 million in direct loss.
  • The H token plunged about 80–90% in value as attackers sold minted tokens and liquidity dried up, prompting Humanity Protocol to pause bridges and retire the compromised contracts.
  • Humanity Protocol has issued a replacement H token and is coordinating swaps, snapshots, airdrops and compensation discussions with major exchanges while forensic work and law enforcement contacts continue.
  • Security firm Quantstamp and the project’s investigation found the cause was key compromise rather than smart‑contract bugs and said the attack showed traits linked to North Korea‑associated actors, though recovery of stolen funds is described by leadership as unlikely.
  • The incident highlights how weak endpoint and key management can defeat multisig safeguards and has prompted the team to shift its product focus to enterprise AI as it rebuilds the protocol and seeks to restore user trust.