News linked to both this project and an event.
Humanity released a post-mortem report on the H token security incident that occurred between June 8 and 9, stating that the incident was not caused by a smart contract vulnerability, but rather by a malware intrusion into a developer's device, which led to the leakage of private keys. Humanity stated that the attacker still holds the ProxyAdmin permissions for the ETH bridge and the BNB Chain token. Preliminary investigations confirmed that a colleague's device was infected with malware, which the attacker used to obtain the hot wallet private key of the administrator and the private keys for signing on 6 Gnosis Safe wallets. The team has hired an external security agency to conduct a forensic investigation and stated that they are formulating a recovery plan for affected users.
Humanity released an incident update stating that its H token was subject to a coordinated attack on Ethereum and BSC on the evening of June 8, resulting in approximately $36 million worth of tokens stolen and dumped across both chains. The project disclosed that the attack originated from a compromised employee laptop, which led to the leakage of multiple owner keys for the Gnosis Safe controlling the Hyperlane bridge ProxyAdmin. On Ethereum, the attacker seized ownership of the ProxyAdmin and upgraded the contract to a malicious implementation, transferring approximately 141.2 million H tokens in a single transaction. On BSC, after similarly gaining control of the ProxyAdmin, the attacker deployed a malicious implementation with infinite minting capabilities, minting 200 million H tokens in two transactions and continuously dumping them. Humanity has suspended deposits and withdrawals on the affected cross-chain bridge and is cooperating with exchanges and law enforcement to investigate the incident and seek partial recovery of the stolen funds.
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets.Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction.Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet.Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.
SUPERFORTUNE AI released a 24-hour investigation update stating that the May 27 GUA security incident was not, as previously suspected, address poisoning—but rather resulted from the leakage of private keys belonging to multi-signature signers. The attacker then forged valid signatures pointing to a malicious address and exploited the “premium address” feature—where the malicious address shared the same first four and last four characters as the legitimate address—to mislead the remaining signers into completing the signing process via the Safe interface.
According to an official announcement, Consensys submitted a comment letter to the U.S. Securities and Exchange Commission (SEC) on May 11, stating that the SEC’s latest interpretive framework for digital assets may leave regulatory gaps, creating compliance uncertainty for self-custodial wallet providers such as MetaMask. Consensys requested that the SEC clarify—through a targeted safe harbor or other exemption—that self-custodial, user-directed interfaces need not register as broker-dealers solely because they facilitate transactions involving non-security digital assets that may be associated with investment contracts. Consensys stated that this measure aims to ensure U.S. users can continue using open, neutral peer-to-peer blockchain tools.