$36 Million Humanity Protocol Breach: Stolen Funds Moved Through Multiple Wallets and Exchanged for Stablecoins

The attacker behind the recent $36 million breach of Humanity Protocol has started moving and converting the stolen assets. The exploiter converted some of the funds into USDC before transferring them to KuCoin, according to blockchain tracking data.

As is often seen in major crypto exploits, the assets were divided among multiple wallets and transferred in several transactions. This was done to make tracking more difficult and obscure the origin of the assets. The attacker also conducted token swaps, including conversions into stablecoins such as USDT and USDC, before depositing the funds into KuCoin.

The exploit occurred on June 8 after a project director received a phishing email disguised as a communication from a major South Korean crypto exchange. The email contained a malicious file that installed malware on the victim's device, enabling the attacker to gain remote access and extract sensitive information, including private keys and wallet credentials.