Key Highlights
- Humanity Protocol disclosed that approximately 447 million $H tokens were stolen or unauthorizedly minted during the June 8–9 attack.
- Attackers exploited compromised private keys and multisig wallet owners across Ethereum and BNB Smart Chain.
- Around 141 million $H were drained through a malicious bridge contract upgrade on Ethereum.
Humanity Protocol has published a detailed post-mortem following the major security incident involving its native $H token between June 8 and June 9, 2026. The coordinated attacks across Ethereum and BNB Smart Chain (BSC) resulted in the compromise of multiple administrative keys and the loss or unauthorized minting of approximately 447 million $H tokens.
According to the full post-mortem report, the breach unfolded through three main vectors. First, an admin’s hot wallet private key was stolen, leading to the direct theft of about 6 million $H.
Second, attackers compromised three of six owners of an Ethereum Gnosis Safe controlling the bridge’s ProxyAdmin. They transferred ownership, upgraded the bridge contract to a malicious implementation, and drained roughly 141 million $H in a single transaction.
Third, on BSC, three of five Safe owners were similarly compromised. Attackers seized control of the ProxyAdmin, upgraded the token contract, and executed multiple mints totaling 300 million new $H tokens, significantly inflating the supply. The total unique impact is estimated at around 447 million $H, with the attacker retaining ongoing control of the BSC ProxyAdmin and the ability to mint additional tokens.
Full root cause yet to be identified
Humanity Protocol stated that this was not a smart contract exploit. All actions performed by the attacker used legitimately authorized private keys. The protocol is still determining the full root cause of how the device was compromised.
Several details remain unknown, including the exact date the attacker first gained access to the device, the precise method used to install the malware, and how long the keys were held before the attack. The project has engaged external security experts for a full forensic investigation and plans to share additional findings as they become available.
Initial containment measures to narrow exploit impact
The incident triggered an immediate market collapse. The $H token price dropped over 80-90% within hours, falling from around $0.70 to lows near $0.05–$0.07. The attacker reportedly swapped stolen and minted tokens for other assets, adding further downward pressure.
Humanity Protocol has taken initial containment measures, including a halt of deposits and withdrawals. The team is developing a recovery program for affected users and victims, though specific details on compensation or token remediation have not yet been finalized.
Users holding $H in personal wallets were not directly targeted, as the losses primarily affected project-controlled treasuries, bridges, and administrative contracts.
Operational security remains a critical risk
This incident highlights persistent risks in the crypto industry related to private key management and operational security, even for projects with a strong focus on decentralized identity and Sybil resistance. Humanity Protocol, which uses palm scanning for proof-of-humanity verification, had experienced significant growth before the event.
As the situation develops, the community and market will closely monitor recovery efforts and the effectiveness of proposed remediation measures. The full report aims to promote transparency, but the project faces a substantial challenge in rebuilding trust following one of the more notable exploits of 2026.
Also Read: Crypto Market Today: Failed Bitcoin Bounce Puts XRP, SOL Back at Risk
