← 返回
2小时前 · CoinTelegraph

Humanity Protocol to prioritize operational security following $36M hack

Humanity Protocol’s founder said they will refocus on operational security, as malicious actors are switching from smart contract vulnerabilities to exploiting human behavior. Humanity Protocol will refocus its cybersecurity efforts on operational security following a June $36 million exploit that was traced back to a compromised employee laptop, according to the founder of the decentralized identity company, Terence Kwok. In an interview with Cointelegraph, Kwok said that the exploit stemmed from last year’s mainnet launch, when several production keys were inadvertently backed up onto the laptop that was compromised, including admin hot wallet keys and a quorum of multisig owner keys across both chains. He said: The exploit and Humanity Protocol’s action highlight an increase in cryptocurrency hackers refocusing their attacks on staff-level vulnerabilities and operational shortcomings, rather than exploiting smart contract code. Humanity Protocol was exploited last month, when a compromised employee’s laptop enabled attackers to steal $36 million in Humanity (H) tokens. The token’s current market cap is roughly $211 million, according to CoinMarketCap data. Blockchain security company Quantstamp said that the malicious attachment that was delivered through a phishing email pointed to the involvement of North Korea-linked threat actors. The malicious attachment was disguised as a token lockup schedule update from South Korean cryptocurrency exchange Bithumb and installed malware, giving attackers remote access to the machine. The phishing email that led to the Humanity Protocol compromise.
Source: Quantstamp North Korea-linked threat actors were tied to at least $578 million of the $634 million stolen in crypto-related incidents in April alone. Related: AI has not triggered DeFi ‘hackpocalypse,’ Dragonfly partner says The Humanity Protocol exploit occurred during a resurgence of cryptocurrency exploits that stemmed from operational failures and social engineering schemes. Phishing drove the majority of the first quarter losses for a total of $508 million, while wallet compromises emerged as the biggest attack vector in

📌 推荐交易所

欧意 | Binance | Bybit | Bitget | Gate.io


小靓分析:

🦊 小靓解读 Humanity Protocol 因员工笔记本泄露私钥被盗 3600 万美元,暴露了链下操作安全(OpSec)才是当前 DeFi 的主要漏洞源,而非合约代码。这提醒行业:再强的链上安全也扛不住人肉后门。 📊 市场影响 短期对 HP 代币价格构成利空,信任修复需要时间;中长期看,若项目方真能强化 OpSec 流程,反而可能提升整个身份赛道对机构用户的吸引力。类似“人肉攻击”案例(如 Ronin)曾导致链上 TVL 暴跌后缓慢恢复。 💡 操作建议 建议持有 HP 或相关身份赛道代币的用户暂不加仓,等待官方公布具体 OpSec 措施及审计结果后再做判断。对普通交易者而言,这类“内部泄露”事件也提醒要警惕交易所/钱包的热钱包集中风险,分散持仓是王道。

风险提示: 该资讯来源于公开渠道,仅供参考。Traceless 无痕智盈平台不对此信息准确性做任何保证。

💬 0
🏪 策略广场

💬 评论

🔑 登录 后即可评论
暂无评论,来说两句