
A malicious attachment delivered by a phishing email points to the involvement of North Korea-linked threat actors in Humanity Protocol’s recent hack, according to blockchain security firm Quantstamp.
The decentralized identity firm said a compromised employee’s computer enabled attackers to take $36 million in Humanity (H) tokens on Monday.
The malicious attachment was disguised as a token lockup schedule update from South Korean cryptocurrency exchange Bithumb. It installed malware that gave attackers full remote access to the computer, Quantstamp said in its incident response.

The phishing email that resulted in the Humanity Protocol compromise. Source: Quantstamp
Quantstamp added that the malware was signed with a South Korean Hancom digital certificate, a pattern it described as “characteristic of DPRK intrusions.” The malware enabled attackers to copy Humanity Protocol director Chong Yee Wai’s MetaMask wallet credentials and private keys.
The suspected North Korean link would add to a series of major crypto thefts attributed to the country. North Korea-linked threat actors were tied to at least $578 million of the $634 million stolen in crypto-related incidents in April.
According to a May report by blockchain security firm CertiK, the same actors have been linked to about $2 billion of the $3.4 billion lost to crypto exploits in 2025, while accounting for 12% of total incidents. CertiK said the figures reflect a focus on “precision and scale.”
Over the past decade, North Korea-linked actors stole an estimated $6.75 billion in cryptocurrency across 263 documented incidents, the report said.
CertiK added that North Korea has “industrialized” crypto theft into a core state revenue mechanism, making these operations a major part of the regime’s external income.

Total DPRK crypto theft over the years. Source: CertiK/Skynet
North Korea rarely responds to cybercrime allegations, but on May 3, a Foreign Ministry spokesperson rejected them in a statement carried by the Korean Central News Agency, the country’s state media.
The spokesperson accused the US of spreading “unsuitable” narratives about the “non-existent ‘cyber risk’” from North Korea.
Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.
