Overview
- Humanity Protocol said attackers obtained multiple administrative/Gnosis Safe keys tied to its Ethereum and BSC bridge controls, a compromise the project disclosed after on-chain monitors detected drains and rapid token sales on June 8–9.
- Using seized ProxyAdmin privileges the exploiter upgraded bridge implementations, moved about 141.2 million H on Ethereum, and minted roughly 200,000,005 H on BNB Smart Chain according to the project’s technical update.
- On-chain trackers and analysts estimate total losses at roughly $30–36M+, with the attacker swapping about $23.7M of stolen H into ether while leaving millions in unsold H and freshly minted supply in attacker wallets.
- The H token plunged roughly 80–90% intraday as the attacker dumped tokens through DEXes, forcing Humanity to suspend bridge deposits and withdrawals and warn users to avoid the bridge and liquidity pools.
- Humanity is working with security firms, exchanges and law enforcement and has promised a post-mortem; the incident follows a 2026 pattern where stolen private or admin keys, not code bugs, have driven many of the largest crypto losses.