Humanity Protocol hack linked to North Korean actors: Quantstamp

Blockchain security firm Quantstamp linked a malicious attachment delivered via phishing to North Korea-linked threat actors in the Humanity Protocol hack. The decentralized identity company said a compromised employee laptop enabled attackers to steal $36 million in Humanity (H) tokens on Monday.

The attachment was disguised as a token lockup schedule update from South Korean exchange Bithumb and installed malware that gave full remote access to the device. Quantstamp noted the malware was signed with a South Korean Hancom digital certificate, a pattern it described as "characteristic of DPRK intrusions." The attackers used the access to copy Humanity Protocol director Chong Yee Wai's MetaMask credentials and private keys.

The suspected North Korean link adds to a string of large crypto thefts tied to the country. North Korea-linked threat actors were connected to at least $578 million of the $634 million stolen in crypto-related incidents in April.

North Korea

quantstamp, humanity protocol, humanity tokens, north korea, phishing attachment, bithumb, hancom certificate, metamask, private keys, crypto theft