Humanity Protocol’s H token plummeted by over 80% on June 9 after the project confirmed an exploit involving compromised private keys, resulting in the theft of over $36 million in tokens and their dumping onto the market.
In a post-mortem published on the evening of June 9, Humanity stated that the incident occurred between June 8 and June 9 via three attack vectors across Ethereum and BNB Smart Chain. These included direct theft from an admin hot wallet, a bridge drain on Ethereum, and the unauthorized minting of 300 million H tokens on BSC. The project noted that the root cause was malware on an internal machine that had mistakenly stored multiple production keys, turning a breach on a personal device into a crisis at the bridge admin and token supply level.
How the Exploit Happened
Humanity initially stated that the incident stemmed from a laptop breach by an internal staff member. The post-mortem later clarified a more severe detail: a device had been compromised with root access via malware, while multiple production keys had been mistakenly backed up to it during the mainnet launch phase around June 2025.
INCIDENT UPDATE:
Last night, June 8, the H token was hit by a coordinated attack across Ethereum and BSC. While we’re still investigating this incident, we want to be transparent with our community about what happened.
As of right now, ~$36M+ has been stolen across both chains…
— Humanity (@Humanityprot) June 9, 2026
From this compromise point, the attacker obtained enough keys to operate on both Ethereum and BNB Smart Chain. On Ethereum, the attacker seized control of the Bridge ProxyAdmin, upgraded the bridge to a malicious version, and withdrew approximately 141.18 million H tokens in a single transaction. An admin hot wallet was also drained of an additional 6.05 million H tokens.
On BNB Smart Chain, the incident went further than a bridge drain. The attacker compromised the ProxyAdmin of the BSC H token and minted 300 million H tokens across three iterations on June 9. The supply of H on BSC surged from around 141.12 million H to 441.12 million H, expanding the supply on this chain to over three times its pre-attack level.
According to Humanity, this was not a smart contract flaw in the traditional sense. The attacker signed transactions using valid private keys after internal key storage was compromised, turning an operational failure into control over the bridge and token admin across multiple chains.
H Token Erases Early-June Rally
H had rallied strongly prior to the incident, climbing from the $0.20 region in late May to a short-term peak near $0.855 in early June. Following the exploit, the token dropped below $0.10 across several venues, with charts recording a low of around $0.074 before recovering to the $0.16-$0.22 zone.
H price chart (4h). Source: TradingView
The decline indicates that the market was reacting not only to the volume of H sold by the attacker, but also to the supply risk after 300 million H tokens were unauthorizedly minted on BSC. According to the post-mortem, H on BSC should be considered permanently compromised, meaning any decisions regarding the bridge, deposits, or token migration could further impact liquidity.
ZachXBT Walks Back MM Link
Humanity’s incident quickly escalated beyond a technical exploit when ZachXBT, one of the most followed on-chain investigators in crypto, publicly questioned the project directly under their incident update. Initially, ZachXBT claimed that H had been “crime pumped” for weeks despite lacking clear fundamentals, while demanding that Humanity disclose its active market-making agreements with an entity in Hong Kong.
Those remarks caused suspicions surrounding the hack to spread even faster, as H had just pumped significantly before crashing, right as it was about to enter a June unlock period. Several accounts subsequently questioned whether the private-key compromise could merely be an explanation for an intentional dump.
However, ZachXBT later updated that after further analysis of the laundering flows, the market maker/OTC activity and the private-key compromise appeared to be two independent issues. In another response, he stated that he had initially been suspicious due to the MM and OTC activity ahead of the unlock, but the evidence shared pointed in the opposite direction. ZachXBT also sarcastically noted that if the team had pumped the token for weeks only to get exploited right before the unlock, it was a rather expensive “karma.“
Update: After further analysis of the laundering it seems the sketchy MM / OTC & private key compromise are independent of one another and not related.
Kind of funny if the team was pumping the token for weeks only to have gotten rekt shortly before the upcoming unlock later…
— ZachXBT (@zachxbt) June 9, 2026
In addition, some posts also recalled the past of founder Terence Kwok at Tink Labs, a Hong Kong travel-tech startup that raised significant funding before shutting down in 2019. Nevertheless, there is currently no public evidence linking these old controversies directly to the H hack.
June Unlock Keeps Pressure on H
According to Tokenomics data, Humanity Protocol is scheduled to unlock approximately 266.47 million H tokens on June 25, 2026, equivalent to around 2.7% of the total supply and 9.6% of the market cap at the time of recording. This unlock amount is allocated to various groups, including investors and foundation-related parties.
H Unlock Schedule Details. Source: Tokenomics
This unlocking milestone arrives right after a week of intense volatility for H, as the exploit sparked concerns regarding liquidity and supply on BSC. With an additional 266.47 million H set to unlock, investors will have to price in not only the damages from the hack but also the fresh supply pressure for the remainder of June.
BSC Token Remains the Key Risk
The greatest risk currently lies with H on the BNB Smart Chain. Humanity stated that the attacker still holds the ProxyAdmin of the BSC token, meaning the token on this chain can continue to be minted, paused, or drained. The project also views H on the BSC as permanently compromised.
The handling of this token portion will heavily dictate the ability to restore trust post-hack. Whether the bridge will be reopened, how exchanges handle deposits and withdrawals, whether related wallets are flagged, or whether the project opts for a token migration or holder support are all points the market will monitor closely. With H on BSC still out of control, how Humanity coordinates with exchanges and holders will determine the next developments of the incident.
