Tuesday, July 14, 2026
HomeCrypto NewsHumanity Protocol to Prioritize Operational Security following $36M Hack

Humanity Protocol to Prioritize Operational Security following $36M Hack

Humanity Protocol will refocus its cybersecurity efforts on operational security following a June $36 million exploit that was traced back to a compromised employee laptop, according to the founder of the decentralized identity company, Terence Kwok.

In an interview with Cointelegraph, Kwok said that the root cause of the exploit stemmed from last year’s mainnet launch, when several production keys were inadvertently backed up onto the laptop that was compromised, including admin hot wallet keys and a quorum of multisig owner keys across both chains.  He said:

“The hard lesson here is that operational security is as critical as smart-contract security, and we’re rebuilding accordingly.”

The exploit and Humanity Protocol’s action highlight an increase in cryptocurrency hackers refocusing their attacks on staff-level vulnerabilities and operational shortcomings, rather than exploiting smart contract code.

Humanity Protocol was exploited last month, when a compromised employee’s laptop enabled attackers to steal $36 million in Humanity (H) tokens. The token’s current market cap is roughly $211 million, according to CoinMarketCap data.

Blockchain security company Quantstamp said that the malicious attachment that was delivered through a phishing email pointed to the involvement of North Korea-linked threat actors. The malicious attachment was disguised as a token lockup schedule update from South Korean cryptocurrency exchange Bithumb and installed malware, giving attackers remote access to the machine.

The phishing email that led to the Humanity Protocol compromise.
Source: Quantstamp

North Korea-linked threat actors were tied to at least $578 million of the $634 million stolen in crypto-related incidents in April alone. 

Related: AI has not triggered DeFi ‘hackpocalypse,’ Dragonfly partner says

Phishing and wallet compromises lead attack vectors in H1 2026

The Humanity Protocol exploit occurred during a resurgence of cryptocurrency exploits that stemmed from operational failures and social engineering schemes.

Phishing drove the majority of the first quarter losses for a total of $508 million, while wallet compromises emerged as the biggest attack vector in the second quarter, contributing $807 million in losses, according to blockchain security company CertiK.

Monthly change in crypto exploit amounts and number of incidents across H1. Source: CertiK 

To be sure, crypto losses to hacks fell 46.8% year-on-year to $1.32 billion in the first half of 2026, but CertiK said that the drop was misleading due to the $1.4 billion Bybit hack in early 2025 and stressed that North Korean malicious actors continue threatening the crypto industry.

During the second quarter of 2026, more than 70% of the losses stemmed from the Drift Protocol and KelpDAO exploits, which were also widely attributed to North Korean state-sponsored hackers.

Magazine: Does Botanix’s failure prove Bitcoiners don’t care about DeFi? 

cointelegraph.com

RELATED ARTICLES

Most Popular

Recent Comments