#What Caused the Exploit of Humanity Protocol’s H Token?
The incident impacting Humanity Protocol's H token stemmed from a compromised developer machine. A malware infection provided the hacker with root access, revealing several private keys that were critical to the project’s token and bridge infrastructure.
Humanity Protocol detailed that this compromised machine had several production keys backed up during the mainnet launch in June 2025. This included important keys associated with both Ethereum and BSC environments. The breach occurred between June 8 and June 9, leading to significant unexpected losses.
#How Much Was Stolen During the Incident?
Initially, the hacker stole approximately 6 million H tokens from an admin hot wallet on the Ethereum blockchain. Following this, they drained roughly 141 million H tokens from the Ethereum bridge after seizing control of its ProxyAdmin. In a further breach, the attacker minted an additional 300 million H on the BSC platform, using compromised keys connected to the BSC token’s ProxyAdmin. In total, the incident led to the compromise of about 447 million H tokens across both chains.
It’s notable that 15 million H tokens moved into the Ethereum bridge are not counted separately as they were already included in the bridge drain total. The extent of the attack on the BSC side was particularly severe, as the attacker maintains control over that token's ProxyAdmin, enabling further manipulation of the token such as minting or draining.
#What Actions Have Been Taken Post-Incident?
After the incident, the Ethereum H token was secured under a clean 4 of 7 Safe configuration. Despite the breach, Humanity assured that the Ethereum token ProxyAdmin remains secured. The canonical Arbitrum bridge, thankfully, remains unaffected, retaining roughly 87 million H tokens.
Remarkably, this exploit was not due to vulnerabilities in Humanity’s smart contracts or the bridge code. Instead, the attacker effectively used access to legitimate private keys to execute transfers and other transactions.
Humanity Protocol is actively investigating the timeline of the attack to determine how access was gained. An external team of security experts is conducting a forensic analysis, and the project is committed to formulating a recovery strategy for affected users.
Following the exploit, the value of the H token fell by more than 90% before partially recovering over 100% by the following morning. However, it was still trading around $0.21, reflecting a 70% decrease from its pre-exploit price of about $0.68.