- Private key compromise drained 19 Humanity Protocol wallets, losing over $31 million.
- Attackers converted H tokens into ETH as the token crashed 90% from intraday highs.
- ZachXBT questioned Humanity’s pre-exploit token surge and trading practices.
Humanity Protocol has suffered a major security breach after private keys belonging to a member of the Humanity Foundation were compromised. More than 19 wallets have been drained for over $31 million, with the attacker actively converting stolen H tokens into Ethereum.
The protocol confirmed the incident and posted on X, “We have detected a security incident involving the compromise of private keys belonging to a member of the Humanity Foundation. We are already working with security experts and our exchange partners on resolution.”
The H token has crashed by approximately 90% from intraday highs, and at the time of writing, it is trading at $0.13.
What Happened
The breach originated from a compromised private key rather than a smart contract exploit. Once the attacker gained access, they drained over 19 wallets and began systematically swapping H tokens for Ethereum to exit their position.
The team has advised all users to avoid the bridge and all liquidity pools immediately until safety is confirmed. Official updates will only come from the verified Humanity Protocol account or Founder Terence Kwok’s personal account.
“Beware of scammers and impersonators who exploit moments like this. We will never DM you first or ask for your seed phrase or private keys,” the team warned.
ZachXBT Raises Deeper Questions
Blockchain investigator ZachXBT did not offer sympathy. He pointed to what he described as weeks of price manipulation before the incident.
“You choose to crime pump your token for weeks with zero fundamentals and think crypto Twitter will blindly trust your story? Disclose your active market maker agreements with the HK entity first,” ZachXBT wrote.
His comments introduce a second layer of concern beyond the hack itself, suggesting the token’s pre-breach price action may warrant its own scrutiny.
Related: Hackers Use Fake LinkedIn Jobs to Steal Crypto Developer Code Pipelines
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
