Humanity Protocol has lost more than $31 million following a cyberattack that compromised a foundation member’s private key, triggering a sharp market collapse and raising broader concerns about the project’s internal controls.
Blockchain data shows over 17 wallets holding H tokens were drained, with the attacker quickly converting the assets into Ether to obscure transaction trails. Within 24 hours, the token’s price plunged by more than 90 percent, falling below $0.08 and wiping out most of its market value.
Founder Kwok confirmed the breach and urged traders to avoid interacting with the protocol’s smart contracts and liquidity pools while the investigation continues. The foundation said it is working with security specialists to determine how the compromise occurred.
Attack expands through token minting and asset shifts
On-chain analysis indicates the attacker followed a clear liquidation strategy, swapping large volumes of H tokens into Ether, with roughly $9 million already converted in the early stages. The situation escalated further when 100 million new H tokens were minted on BNB Chain without authorization, adding an estimated $11.4 million in supply and intensifying selling pressure.
Wallet tracking shows significant holdings linked to the attacker, including around 18,000 Ether worth over $30 million, along with millions of H tokens and smaller BNB balances.
The breach has been attributed to a failure in private key security rather than a flaw in the protocol’s code, shifting attention toward operational safeguards within the project.
Market reaction and liquidity pressure
The market response was immediate and severe. The token’s market capitalization dropped from nearly $2 billion to roughly $35.7 million as trading activity accelerated across decentralized platforms. Data from Coingecko placed the token near $0.0789 shortly after the attack.
This rapid decline reflects both the direct impact of asset liquidation and a broader loss of confidence tied to the project’s management and security practices.
Questions raised over internal involvement
Researcher ZachXBT has publicly questioned whether the incident could involve coordinated activity rather than an external exploit. He pointed to the use of decentralized trading channels and patterns resembling organized market behavior.
So far, authorities have not confirmed whether internal collusion played any role, and the investigation remains ongoing.
Background concerns around leadership
The incident comes amid existing scrutiny of Humanity Protocol’s leadership. Kwok previously led Tink Labs, which raised $200 million before shutting down in 2019 following management and financial issues. Foundation head Nawfal has also faced past allegations related to unpaid wages and business conduct.
Earlier analysis had already flagged concerns about the team, with reports noting prior legal and financial disputes involving multiple members.
The project itself, originally marketed as a biometric identity system using palm-print verification, had faced criticism over outsourced technology and token distribution practices. Kwok also acknowledged previously that a significant share of verified users may have been bots, adding to credibility concerns.
New project ties and future risks
Further complicating the situation, blockchain researcher ZachXBT linked members of the Humanity group to a separate initiative called Everything. Public data connects the project to Humanity Investments, which raised $6.9 million in a January seed round.
The platform is described as combining derivatives, spot trading, prediction markets, and payments into a single system. Several industry figures, including Zhao, have confirmed early-stage involvement in funding rounds tied to both projects.
Meanwhile, additional downside risks remain. A scheduled token unlock on June 25 is set to release 440 million H tokens into circulation, creating further potential selling pressure.
Stolen funds remain active on-chain
As of now, the stolen assets continue to move across the blockchain, and the total financial impact remains fluid as trading from compromised addresses persists.
The investigation is ongoing, but the scale of the breach and the surrounding controversies have left the project facing significant uncertainty.
Worried about hacks and key leaks? Learn essential protection steps in this crypto security breaches guide before your next trade.
Disclaimer: The content on this page is provided for general informational purposes only and does not represent the views or financial advice of Toobit. We make no guarantees regarding the accuracy or completeness of this information and shall not be held liable for any errors, omissions, or outcomes resulting from its use. Investing in digital assets involves risk; users should independently evaluate their financial situation and the risks involved. For further details, please consult our Terms of Service and Risk Disclosure.
