Última hora
RUДТП с тремя иномарками в Усолье-Сибирском: пострадали 7 человек, включая детейESEl CGPJ pide a Justicia convocar una comisión urgente por la denegación de refuerzos judicialesCN台南市召開巴威颱風防颱整備會議CN柬埔寨7号国家公路升级改造项目竣工通车ARإيران: المفاوضات لن تبدأ ما دامت التهديدات الأميركية مستمرةPLKoty w fatalnych warunkach, część jest choraESPanathinaikos owner vows to shake up EuroLeague with potential 'four bomb' signingsBRHomem morre após van bater na traseira de caminhão na GO-080ITSalvini: "Nessuno spazio per litigi al vertice Nato"CN川普再諷梅洛尼 義大利決定冷處理RUДТП с тремя иномарками в Усолье-Сибирском: пострадали 7 человек, включая детейESEl CGPJ pide a Justicia convocar una comisión urgente por la denegación de refuerzos judicialesCN台南市召開巴威颱風防颱整備會議CN柬埔寨7号国家公路升级改造项目竣工通车ARإيران: المفاوضات لن تبدأ ما دامت التهديدات الأميركية مستمرةPLKoty w fatalnych warunkach, część jest choraESPanathinaikos owner vows to shake up EuroLeague with potential 'four bomb' signingsBRHomem morre após van bater na traseira de caminhão na GO-080ITSalvini: "Nessuno spazio per litigi al vertice Nato"CN川普再諷梅洛尼 義大利決定冷處理
Newsgather
BackNorth Korea-Linked Hackers Suspected in Humanity Protocol's $36 Million Token Theft
North Korea-Linked Hackers Suspected in Humanity Protocol's $36 Million Token Theft
En desarrollo
Cointelegraph14.06.2026Crime2 dk okuma

North Korea-Linked Hackers Suspected in Humanity Protocol's $36 Million Token Theft

En resumen

  • Blockchain security firm Quantstamp suspects North Korea-linked hackers in the recent $36 million theft of Humanity Protocol tokens.
  • A phishing email with a malicious attachment, disguised as a Bithumb update and signed with a South Korean digital certificate, led to malware installation and theft of private keys.

Resumen generado por IA

Por qué importa

Humanity Protocol, a decentralized identity company, suffered a $36 million token theft due to a compromised employee laptop accessed via a phishing email. Blockchain security firm Quantstamp suspects North Korea-linked threat actors.

Tamaño de fuente

A malicious attachment delivered through a phishing email points to the involvement of North Korea-linked threat actors in Humanity Protocol's recent hack, according to blockchain security company Quantstamp.

The decentralized identity company said a compromised employee's laptop enabled attackers to steal $36 million in Humanity (H) tokens on Monday.

The malicious attachment was disguised as a token lockup schedule update from South Korean cryptocurrency exchange Bithumb. It installed malware that gave attackers full remote access to the laptop, Quantstamp said in its incident response.

The phishing email that led to the Humanity Protocol compromise. Source: Quantstamp

Quantstamp added that the malware was signed with a South Korean Hancom digital certificate, a pattern it described as “characteristic of DPRK intrusions.” The malware enabled attackers to copy Humanity Protocol director Chong Yee Wai's MetaMask wallet credentials and private keys.

The suspected North Korean link would add to a series of major crypto thefts attributed to the country. North Korea-linked threat actors were tied to at least $578 million of the $634 million stolen in crypto-related incidents in April.

North Korean hackers tied to some of the largest crypto hacks

According to a May report by blockchain security company CertiK, the same actors have been linked to about $2 billion of the $3.4 billion lost to crypto exploits in 2025, while accounting for 12% of total incidents. CertiK said the figures reflect a focus on “precision and scale.”

Over the past decade, North Korea-linked actors stole an estimated $6.75 billion in cryptocurrency across 263 documented incidents, the report said.

Related: CZ sounds alarm as ‘SEAL’ team uncovers 60 fake IT workers linked to North Korea

CertiK added that North Korea has “industrialized” crypto theft into a core state revenue mechanism, making these operations a substantial share of the regime’s external income.

Total DPRK crypto theft over the years. Source: CertiK/Skynet

North Korea rarely responds to cybercrime allegations, but on May 3, a Foreign Ministry spokesperson rejected them in a statement carried by the Korean Central News Agency, the country's state media.

The spokesperson accused the US of spreading “incorrect” narratives about the “non-existent ‘cyber threat’” from North Korea.

Preguntas abiertas

  • How will Humanity Protocol recover stolen assets?
  • What specific measures will be taken against DPRK actors?
  • Will Bithumb face repercussions for the compromised certificate?

Temas relacionados

This article was originally published by Cointelegraph.

Noticias relacionadas

Belgian Authorities Arrest Suspect in Major European Phishing and Money Laundering Network
En desarrollo·3 g önce

Belgian Authorities Arrest Suspect in Major European Phishing and Money Laundering Network

Belgian police arrested a 19-year-old suspected of leading a phishing and money-laundering network that stole over €500,000 using fake government emails. The suspect was found in an Airbnb in Antwerp, where a second individual was also apprehended. The investigation highlights crypto's role in laundering illicit funds and the broader threat of phishing to crypto investors.

Cointelegraph
Teenager Extradited to US Over Alleged Role in $8 Million Crypto Ransom Scheme
En desarrollo·4 g önce

Teenager Extradited to US Over Alleged Role in $8 Million Crypto Ransom Scheme

A 19-year-old dual US-Estonian national, Peter Stokes, has been extradited to the US from Finland to face charges related to an $8 million crypto ransom demand against a luxury jewelry retailer. Authorities allege Stokes, linked to the "Scattered Spider" hacking group, compromised company systems and demanded payment, though the retailer did not pay but incurred $2 million in damages.

Cointelegraph
Más sobre este temaHumanity Protocol