Home
News
Details

Humanity reports $36 million in stolen tokens following an employee laptop breach

iconKuCoinFlash
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
ETH
$1,660.792.62%
This is the logo of the coin.
BNB
$599.3272.9%
This is the logo of the coin.
H
$0.1811-5.58%
AI summary iconSummary

expand icon
Humanity reported a $36 million token theft following a security breach involving an employee’s laptop. Attackers gained access to three of six Gnosis Safe keys for the Hyperlane Bridge’s ProxyAdmin, transferred ownership, and stole 141.2 million H tokens. Three BNB Chain Safe keys were also compromised, enabling attackers to mint an additional 200 million H tokens. The project has paused cross-chain deposits and withdrawals and is collaborating with authorities to recover the stolen funds. This incident underscores the importance of on-chain monitoring for detecting security breaches in DeFi.

BlockBeats report: On June 9, Humanity released an update on the $31 million attack. To date, over $36 million in tokens on Ethereum and BNB Chain have been stolen and sold. The incident originated from a compromised employee laptop, resulting in the exposure of three out of six owner keys for the Gnosis Safe controlling the Hyperlane bridge’s ProxyAdmin. The attacker used these keys to transfer ownership of the ProxyAdmin to their own wallet, then maliciously upgraded the bridge contract, stealing approximately 141.2 million H tokens in a single transaction. Three out of five BNB Chain Safe owner keys were also compromised. The attacker performed the same operation on BNB Chain, deploying a malicious implementation with infinite minting capabilities, and minted 200 million H tokens directly to their wallet in two batches.


Humanity stated that it has suspended deposits and withdrawals on all affected cross-chain platforms and is working with all relevant parties to minimize losses. In addition to its internal investigation, Humanity said it is closely cooperating with law enforcement to investigate the incident and recover some of the stolen funds.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.