Humanity Protocol Security Incident Escalates: More Than $31 Million Stolen From Related Addresses as Attacker Continues Selling H for ETH
Current public information shows the incident is still evolving rapidly. On-chain investigator ZachXBT said it is not yet possible to determine whether this was a typical external hack or whether malicious insider behavior may have been involved. Different sources have described the incident differently, and the relevant details still await official confirmation. Beyond the growing amount stolen, the on-chain sell-off has also quickly turned the incident from a pure security breach into a liquidity and market structure problem.
Based on developments disclosed so far, abnormal activity had already appeared in Humanity Protocol-related wallets at an earlier stage. Previous on-chain analysis said that more than 17 related wallets holding H were affected, with losses once exceeding $19 million; the latest monitoring now shows the scale of the theft has risen to more than $31 million. Additional follow-up on-chain reports also said the attacker minted another 1 billion H, implying the risk may not be limited to a wallet-level private key leak, but could also involve deeper permission control or token contract management issues. However, this has not yet been fully explained.
For the market, the attacker’s continued selling of H for ETH is directly increasing sell pressure on H and making any subsequent response by the project team more difficult. Key things to watch next include the scope of affected addresses, whether the token contract and related permissions have been further compromised, whether the project will implement freezing or suspension measures, and whether it will disclose a clearer attribution of the incident and a remediation plan.
## Why It Matters
The significance of this incident lies not only in the fact that losses have reached the tens of millions of dollars, but also in the fact that it simultaneously touches on on-chain security, token liquidity, and project governance. If the issue is only a single private key leak, the impact may be relatively contained; but if the reported “additional minting of H” is true, the nature of the incident could escalate from stolen assets to a token control risk, and the pricing logic in the secondary market would change accordingly.
For trading markets, the attacker’s continued conversion of H into ETH is essentially shifting the project’s native risk into public liquidity pools and trading pair depth. What the market will care more about is whether the current sell pressure comes from a one-off theft-driven dump or whether it will evolve into a longer-term loss of supply control. Because the official technical details have not yet been fully disclosed, the boundaries of the risk remain unclear.
## WEEX View
The core question is no longer simply whether funds were stolen, but whether H’s asset characteristics still hold. If only several operational or market-making addresses were compromised, then after CEX and on-chain liquidity absorb the sell-off, the market may still price it as a one-time risk event. But if the private key leak also exposes mint permissions, cross-chain bridge permissions, or failures in multisig control, then both the circulating supply and expectations around total supply for H could become distorted at the same time. Market makers would rapidly narrow their quotes and increase inventory protection, arbitrage capital would pull back, and the direct experience on the exchange side would quickly become “quotes exist, but there is no depth.”
A more immediate commercial conflict of interest is that the project team, market makers, early token holders, and secondary-market liquidity providers are no longer aligned. The project needs to stabilize the narrative and cut off permission-related risks as quickly as possible; market-making resources will prioritize protecting their own inventory; on-chain arbitrageurs will only watch for CEX/DEX price gaps to move liquidity; and whether Old Money stays in the market will depend on whether the team can provide a verifiable pause, recovery, snapshot, or restructuring plan. What is most worth watching next is not verbal explanations, but three hard indicators: whether a list of affected addresses and permissions is disclosed, whether the abnormal minting is formally confirmed, and whether major trading venues introduce deposit/withdrawal restrictions or adjust trading parameters.
## Timeline
- June 7, 2026: Humanity Protocol announced the launch of staking on Humanity Chain and introduced a reward pool of 30 million H.
- June 8, 2026: On-chain analysts reported that wallets related to or interacting with Humanity Protocol were attacked, affecting more than 17 wallets and causing losses of more than $19 million.
- June 9, 2026: Onchain Lens reported that the amount stolen from addresses linked to Humanity Protocol had exceeded $31 million, with the attacker continuously swapping H for ETH.
- June 9, 2026: Subsequent on-chain reports said the attacker minted an additional 1 billion H, suggesting the incident may have expanded from stolen assets to deeper permission control risks.
You may also like
The pricing controversy of Trade.xyz exposes the fatal weakness of Pre-IPO perpetual contracts
World Cup 2026 Coming – WEEX Celebrates with $1M Prize Pool & Michael Owen Live
Galaxy in-depth report: Is Solana still worth paying attention to?
Young people in South Korea make a "final effort" in the epic bull market
Dialogue with OmenX Founder: Why does the prediction market need an evolution from "spot" to "derivatives"?
When the P2P illicit funds from ten years ago turned into 60,000 bitcoins
Morning News | CME Group launches Nasdaq Cryptocurrency Index futures; Asset management giant Janus Henderson strategically invests in Ethena
Why did Oracle deliver the strongest financial report in history, yet its stock price fell?
Bitcoin Layer 2 Network Botanix: Why Did We Choose to Dissolve?
Morning Report | OpenAI has submitted an S-1 registration statement draft to the U.S. SEC; Morpho completes $175 million financing
Galaxy Deep Research Report: How Hyperliquid's HIP-4 Upgrade Changes the Landscape of Prediction Markets?
Latest research from 13 top universities including Cornell University: The current state, challenges, and misconceptions of the fusion of Crypto and AI
Deconstructing Anthropic: The Best AI Company, Possibly Also a Type of Organizational Invention
Every exchange is a "Universal Exchange."
The counterattack of traditional finance: Alliance chains are quietly reviving
Pantera Capital Partner: How Tokenization is Restructuring the Private Equity and Early Investment Ecosystem?
Mastercard Launches Agent Pay for AI, Plans to Record AI Agent Payment Authorizations on Polygon
Mastercard launched Agent Pay for AI, a new payment protocol designed to help AI agents make small payments such as pay-per-use access to data and APIs. The system plans to record human-granted AI agent permissions on Polygon, focusing on verifiable authorization, identity, and payment controls.
Curve Deploys Llamalend v2 on Optimism With 250,000 OP Incentives
Curve launched Llamalend v2 on Optimism with 250,000 OP incentives from the Optimism Foundation. The upgrade expands Llamalend beyond its earlier crvUSD-focused model, adding broader collateral support, LlamaRisk market reviews, and the ability to use Curve LP tokens as collateral.
The pricing controversy of Trade.xyz exposes the fatal weakness of Pre-IPO perpetual contracts
World Cup 2026 Coming – WEEX Celebrates with $1M Prize Pool & Michael Owen Live
Galaxy in-depth report: Is Solana still worth paying attention to?
Young people in South Korea make a "final effort" in the epic bull market
Dialogue with OmenX Founder: Why does the prediction market need an evolution from "spot" to "derivatives"?
When the P2P illicit funds from ten years ago turned into 60,000 bitcoins
