H token bridge attack traced to laptop key compromise
Humanity Protocol reported an H token bridge attack after a compromised employee laptop exposed multisig admin keys. In its Tuesday update, the project said the Monday exploit hit H token transfers on both Ethereum and BNB Chain. Attackers obtained control of the bridge via 3-of-6 Gnosis Safe owner keys, then replaced the bridge contracts with malicious code.
On Ethereum, the attackers drained about 141.2 million H. On BNB Chain, they added an unlimited mint function and minted roughly 200 million H directly to their wallet. Humanity halted deposits and withdrawals on the affected bridges and is working with exchanges and counterparties on damage minimization and recovery.
Founder Terence Kwok said custody/treasury operations used a licensed custodian and MPC, but some bridge multisig keys may have been backed up to the compromised device during setup, creating exposure. Market reaction was sharp: H reportedly fell more than 85% after the incident, and Kwok warned users not to interact with the bridge or liquidity pools.
Investigators noted onchain signals are mixed. Some suspects point to coordination around unlock/vesting timing, while others say admin-right exploits can initially look staged; “surrounding behavior” (speed, improvisation, insider timing) may be more decisive. For traders, expect tighter bridge/centralized exchange monitoring, elevated risk controls, and potential H volatility tied to remaining liquidity and any follow-up governance or contract actions.
Bearish
The H token bridge attack triggered a large, direct loss event: attackers drained ~141.2M H on Ethereum and minted ~200M H on BNB Chain via compromised multisig admin keys. That kind of supply and custody shock typically pressures the token price in the short term (the report cites an ~85% drop) and keeps traders on defensive footing.
While investigators debate whether there was coordination around unlock/vesting, the latest update still confirms core security failure mechanics (laptop compromise leading to multisig key exposure) and immediate operational response (halted deposits/withdrawals). Even if timing looks “mixed,” the immediate market impact on H remains negative due to heightened counterparty risk, potential further forced selling, and uncertainty around remaining liquidity.
In the longer term, if recovery proceeds and bridge controls are hardened, the bearish effect could fade. But until audits, governance outcomes, and liquidity conditions stabilize, risk management around H is likely to remain elevated—keeping the overall impact bearish for H.