Humanity released its security incident investigation report: the mainnet bridge was unaffected, and the attack tools and methods were characteristic of North Korean hackers.

CoinFeed reported on June 14 that Humanity released an independent investigation report by Quantstamp, which revealed that in the H token security incident, attackers used tools and methods characteristic of North Korean hackers. They communicated via phishing emails posing as the Bithumb exchange, tricking project directors into clicking malicious attachments, thereby deploying remote control Trojans on their devices and ultimately gaining complete desktop control and wallet private keys. Subsequently, they launched on-chain attacks on Ethereum and BNB Chain: on the Ethereum side, they upgraded the contract by stealing keys and transferred approximately 141.18 million H tokens; on the BSC side, they took over the ProxyAdmin contract and minted new tokens. The stolen assets were then continuously dumped on Uniswap and PancakeSwap for about 8 hours, causing a significant impact on liquidity and market prices.