Humanity Protocol hack: Quantstamp links $36M theft to DPRK phishing malware
Quantstamp says the Humanity Protocol hack resulted in the theft of $36M worth of H tokens, and evidence indicates that suspected North Korean (DPRK) threat actors may be involved.
The attack started with a phishing email disguised as a token lockup schedule update from the South Korean exchange Bithumb. Quantstamp says the attackers used a compromised laptop belonging to someone who works there, and the malicious attachment installed malware that gave full remote access.
One key claim is that the malware was signed with a South Korean Hancom digital certificate, a pattern that Quantstamp describes as “characteristic of DPRK intrusions.” The malware then allowed the attackers to copy Humanity Protocol director Chong Yee Wai’s MetaMask wallet credentials and private keys, enabling them to steal the H tokens.
Quantstamp's assessment of the Humanity Protocol hack arrives alongside wider metrics about DPRK-linked cybercrime. A CertiK report estimates that North Korea-linked actors were involved in at least $578M of $634M in crypto thefts in April, and about $2B of the $3.4B lost to crypto exploits in 2025 (12% of incidents). CertiK also says the DPRK has “industrialized” crypto theft as a state revenue method, estimating that $6.75B has been stolen across 263 documented incidents over the past decade.
Although North Korea does not often respond to allegations, it rejected US claims of a “non-existent ‘cyber threat’” in a May statement.
For traders, this Humanity Protocol hack reinforces counterparty and wallet-security risk premia, especially for teams exposed to phishing and endpoint compromise.
Neutral
Quantstamp's findings point to a targeted security breach (phishing → endpoint compromise → MetaMask key theft) linked to DPRK-style intrusion patterns. This will likely be seen as an idiosyncratic risk-management matter for the affected ecosystems, not a systemic market shock.
In the short term, “$X million hack” headlines of this kind can pressure liquidity and raise volatility for the specific token (H) and for custody, wallet, and security-sensitive narratives. But the broader BTC/ETH market usually sees little directional impact unless the incident threatens major infrastructure, stablecoins, or many big exchanges.
Historically, big attribution-based hack reports (e.g., Lazarus-linked events) often trigger short-lived risk-off sentiment and a rotation toward safer majors, but they rarely change long-term market structure by themselves. In the long term, steady DPRK-related theft statistics keep traders focused on security disclosures, wallet hygiene, and institutional-grade controls, which can affect valuations gradually rather than causing a sustained bear market.