TechFlow News, June 14: According to an independent audit report by Quantstamp released by Humanity, the attacker impersonated South Korean exchange Bithumb via phishing emails to communicate with the project’s board members, luring them into opening a malicious attachment that installed a remote-control Trojan on their device—ultimately granting the attacker full desktop control and access to wallet private keys.
After gaining access, the attacker launched attacks on both Ethereum and BNB Chain. On Ethereum, they used the stolen keys to upgrade the contract and transferred approximately 141.18 million H tokens; on BNB Chain, they took control of the ProxyAdmin contract and minted additional tokens. The stolen assets were then continuously dumped over roughly eight hours on Uniswap and PancakeSwap, significantly impacting market liquidity and token price.
The report states that the H token contract on Ethereum has now been frozen, and the mainnet bridge remains unaffected. However, the BNB Chain deployment is still under the attacker’s control, retaining minting privileges. The project team stated it is collaborating with exchanges and security agencies to advance follow-up response and recovery efforts, while urging users to remain vigilant against fraudulent compensation offers and claim links. Previously, Humanity Protocol suffered a theft exceeding $31 million due to a foundation member’s private key leak.
