News linked to both this project and an event.
Humanity released a post-mortem report on the H token security incident that occurred between June 8 and 9, stating that the incident was not caused by a smart contract vulnerability, but rather by a malware intrusion into a developer's device, which led to the leakage of private keys. Humanity stated that the attacker still holds the ProxyAdmin permissions for the ETH bridge and the BNB Chain token. Preliminary investigations confirmed that a colleague's device was infected with malware, which the attacker used to obtain the hot wallet private key of the administrator and the private keys for signing on 6 Gnosis Safe wallets. The team has hired an external security agency to conduct a forensic investigation and stated that they are formulating a recovery plan for affected users.
Humanity released an incident update stating that its H token was subject to a coordinated attack on Ethereum and BSC on the evening of June 8, resulting in approximately $36 million worth of tokens stolen and dumped across both chains. The project disclosed that the attack originated from a compromised employee laptop, which led to the leakage of multiple owner keys for the Gnosis Safe controlling the Hyperlane bridge ProxyAdmin. On Ethereum, the attacker seized ownership of the ProxyAdmin and upgraded the contract to a malicious implementation, transferring approximately 141.2 million H tokens in a single transaction. On BSC, after similarly gaining control of the ProxyAdmin, the attacker deployed a malicious implementation with infinite minting capabilities, minting 200 million H tokens in two transactions and continuously dumping them. Humanity has suspended deposits and withdrawals on the affected cross-chain bridge and is cooperating with exchanges and law enforcement to investigate the incident and seek partial recovery of the stolen funds.
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets. Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction. Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet. Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.
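
The sequence reported above (ProxyAdmin ownership moved to an unknown wallet, then the bridge proxy upgraded to an unknown implementation) leaves two on-chain events a monitor can alert on. The following is an added example, not code from the project or its reports; it assumes an OpenZeppelin-style ProxyAdmin and ERC-1967 proxy, and every address and log entry in it is a constructed placeholder.

```python
# Added example: flag a ProxyAdmin takeover followed by an unapproved upgrade.
# Assumes OpenZeppelin Ownable / ERC-1967 events; all addresses are constructed placeholders.
OWNERSHIP_TRANSFERRED = "0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0"
UPGRADED = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"

def pad(addr):
    """Encode an address as a 32-byte indexed event topic."""
    return "0x" + "0" * 24 + addr[2:].lower()

def topic_to_address(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def detect(logs, proxy_admin, proxy, approved_owners, approved_impls):
    """Return alerts as (kind, address, block) tuples, in chain order."""
    owners = {a.lower() for a in approved_owners}
    impls = {a.lower() for a in approved_impls}
    alerts, admin_taken = [], False
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        addr, topics = log["address"].lower(), log["topics"]
        if addr == proxy_admin.lower() and topics[0] == OWNERSHIP_TRANSFERRED:
            new_owner = topic_to_address(topics[2])  # topics[1] is the previous owner
            admin_taken = new_owner not in owners
            if admin_taken:
                alerts.append(("ownership", new_owner, log["blockNumber"]))
        elif addr == proxy.lower() and topics[0] == UPGRADED:
            impl = topic_to_address(topics[1])
            if impl not in impls:
                # An unapproved upgrade right after an owner change is the worst case.
                kind = "upgrade-after-takeover" if admin_taken else "upgrade"
                alerts.append((kind, impl, log["blockNumber"]))
    return alerts

ADMIN, PROXY = "0x" + "a1" * 20, "0x" + "b2" * 20
SAFE, IMPL_V1 = "0x" + "c3" * 20, "0x" + "d4" * 20
UNKNOWN_EOA, UNKNOWN_IMPL = "0x" + "e5" * 20, "0x" + "f6" * 20

# Constructed logs, deliberately out of order as a log feed may deliver them.
SAMPLE_LOGS = [
    {"address": PROXY, "blockNumber": 101, "logIndex": 0,
     "topics": [UPGRADED, pad(UNKNOWN_IMPL)]},
    {"address": ADMIN, "blockNumber": 100, "logIndex": 3,
     "topics": [OWNERSHIP_TRANSFERRED, pad(SAFE), pad(UNKNOWN_EOA)]},
]

def run_sample():
    return detect(SAMPLE_LOGS, ADMIN, PROXY, {SAFE}, {IMPL_V1})

if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

Alerting on the ownership event alone already covers the first step described above; pairing it with the upgrade check distinguishes a planned, allowlisted upgrade from one performed by a new owner.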