Quantstamp Links $36M Humanity Protocol Hack to North Korean Threat Actors via Phishing Attack
By
@cointelegraph
Summary
Blockchain security firm Quantstamp has linked the recent $36 million exploit of Humanity Protocol's bridge to North Korean hackers. The attack originated from a phishing email containing a malicious attachment disguised as a token lockup schedule update from Bithumb, a South Korean crypto exchange. The malware gave attackers full remote access to a compromised employee's laptop, enabling the theft of Humanity (H) tokens. The incident highlights ongoing cybersecurity threats from state-linked hacking groups targeting the cryptocurrency sector.
Source
Key quotes
· 3 pulledA malicious attachment delivered through a phishing email points to the involvement of North Korea-linked threat actors in Humanity Protocol's recent hack, according to blockchain security company Quantstamp.
The decentralized identity company said a compromised employee's laptop enabled attackers to steal $36 million in Humanity (H) tokens on Monday.
The malicious attachment was disguised as a token lockup schedule update from South Korean cryptocurrency exchange Bithumb.
You might also wanna read

Crypto hacks fell 47% in H1 but ecosystem is no safer: CertiK
Kimsuky Leak Exposes North Korea's Credential Theft Operations and Chinese Infrastructure Links
A rare breach attributed to a North Korean-affiliated actor known as "Kim" has exposed detailed insights into Kimsuky (APT43) operations. Th
dti.domaintools.com·10mo agoTrust Wallet Chrome Extension Compromised in Supply Chain Attack, $7 Million Stolen
The Trust Wallet Chrome extension was compromised in a supply chain attack where malicious code in version 2.68 exfiltrated wallet seed phra
Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts
The article discusses recent supply chain attacks on open-source software projects like LiteLLM and axios, with a specific case study of att

AI agents Grok and Bankrbot tricked into sending $200K in tokens via Morse code prompt injection
A user on X tricked two AI agents (Grok and Bankrbot) into sending approximately $200K worth of DRB tokens by using a Morse code prompt inje
Cryptopolitan·1mo agoCrypto's Unspoken Risks: Political Division and Quantum Computing Threats
The article discusses the current subdued mood in cryptocurrency markets as Bitcoin hovers near $65,000 (down ~50% over the past year), and

Comments
Sign in to join the conversation.
No comments yet. Be the first.