Key Takeaways
- Wallets linked to Humanity Protocol were drained of over $32 million on June 9, with the H token down nearly 90%.
- Founder Terence Kwok blamed a compromised private key, while ZachXBT alleged the team ran a “crime pump.”
- The attacker has minted fresh H on BNB Chain and converted holdings into 18,510 ether worth about $30.8 million.
A Private Key Breach Turns Into a Firestorm
The exploit hit Humanity Protocol, an identity-verification network, early on June 9. According to onchain analyst Specter, wallets that interacted with the project were systematically drained, with 17 addresses holding the H token emptied for a combined total exceeding $32 million. Consequently, its native token plunged 89% in 24 hours, while other trackers logged losses closer to $30 million tied to a private key compromise.
Humanity founder Terence Kwok acknowledged the breach, saying it stemmed from the compromise of private keys belonging to a member of the Humanity Foundation. Blockchain data showed the attacker moving fast with roughly $23.7 million of the stolen value swapped into ether ( ETH), while about $7.9 million remained parked in H tokens as prices collapsed.
The drain did not stop at the initial theft. Analytics firm Lookonchain reported that the Humanity hacker minted another 100 million H on BNB Chain and, through steady selling, had already obtained 18,510 ETH worth about $30.83 million along with 1,548 BNB valued near $924,000. The same data showed the attacker still holding roughly 111 million H (about $14 million at depressed prices) though onchain liquidity was described as “nearly exhausted,” meaning further dumping would crater the price even more.
The minting of fresh tokens on a second chain is what has turned a routine exploit into a credibility crisis. Critics questioned how an attacker with a single compromised key could issue new supply at will, a power that normally rests with a project’s own administrators.
ZachXBT Throws Cold Water on the Team’s Story
That question was sharpened by ZachXBT, the pseudonymous investigator known for unwinding crypto frauds. He publicly doubted the official narrative, writing that the “incident seems possibly staged” and that he was “not buying the team’s story,” calling it “a convenient way for the active market maker to have exited.”
In a separate message aimed at the project, he accused the team of choosing to “crime pump your token for weeks with zero fundamentals” and demanded it disclose their “active MM agreements with the HK entity first.”
The allegation has flipped the episode from a security failure into a possible insider exit, one where a market maker might have offloaded a position under the cover of an “exploit.” Humanity has not publicly addressed ZachXBT’s specific claims, and no independent confirmation of staging has emerged.
Whatever the truth, the timing is bleak as the episode has added to a brutal 2026 for crypto security. Bitcoin.com News reported that April 2026 closed as the most-hacked month in the industry’s history by incident count, with Defillama logging close to 30 separate exploits. The year has already featured the Drift Protocol exploit, which saw more than $200 million drained in a single attack later attributed to North Korea-linked actors.
Private key compromises, in particular, have become one of the costliest attack vectors, because they hand thieves direct control of funds rather than requiring a smart-contract bug. For Humanity Protocol, the damage may be hard to reverse as a token down nearly 90% with exhausted liquidity is difficult to rebuild around, and the project now carries the added burden of an unresolved fraud allegation from one of the space’s most-followed sleuths.
