North Korea-Linked Hackers Steal $36M from Humanity Protocol

A recent hack of Humanity Protocol's decentralized identity system has been tied to suspected North Korean hackers, according to blockchain security company Quantstamp. The attack occurred on Monday and resulted in the theft of $36 million worth of Humanity (H) tokens.

The attackers allegedly used a phishing email that appeared to be from South Korean cryptocurrency exchange Bithumb, tricking a compromised employee into opening a malicious attachment. This allowed them to install malware on the employee's laptop, granting full remote access and enabling them to copy the director's MetaMask wallet credentials and private keys.

Quantstamp noted that the malware was signed with a South Korean Hancom digital certificate, a pattern commonly associated with North Korea-linked intrusions. The company added that this is not an isolated incident, as North Korea-linked threat actors have been linked to at least $578 million of the $634 million stolen in crypto-related incidents in April.

CertiK has also reported on the growing scale and sophistication of North Korean hackers, who have allegedly stolen an estimated $6.75 billion in cryptocurrency over the past decade. The company noted that this represents a core state revenue mechanism for the regime, accounting for a substantial share of their external income.