Humanity Protocol Links $36M Bridge Hack to Compromised Employee Laptop

Humanity Protocol has confirmed a major security incident that resulted in the loss of over $36 million in H tokens after an employee’s laptop was compromised, giving attackers access to critical bridge controls. The breach impacted token operations across both Ethereum and BNB Chain.

Following the initial compromise, investigators found that 3 out of 6 Gnosis Safe owner keys were exposed, enabling attackers to take control of bridge administration on both networks. With this access, they replaced the existing bridge contracts with malicious versions.

As the attack progressed, the impact varied across chains. On Ethereum, approximately 141.2 million tokens were drained. Meanwhile, on BNB Chain, attackers introduced a function that enabled unlimited minting and issued 200 million tokens directly to their own wallet.

Humanity founder Terence Kwok explained that multisignature security had been distributed among four individuals, but suggested that some keys may have been inadvertently backed up to a compromised device during setup, contributing to the breach.

Source: Humanity Protocol