In a major breach, Humanity Protocol suffered a $36 million loss due to a hack allegedly orchestrated by North Korean-linked threat actors, reported Cointelegraph. The incident involved a phishing email that compromised an employee's laptop, enabling attackers to access and steal Humanity (H) tokens.

The attack unfolded as malware disguised as a token lockup schedule update from Bithumb was installed on the employee's device, according to blockchain security company Quantstamp. This malware, bearing a South Korean Hancom digital certificate, granted the hackers remote access, allowing them to siphon off private keys from the MetaMask wallet of Humanity Protocol director Chong Yee Wai.

The phishing email that led to the Humanity Protocol compromise highlights the sophistication of North Korean-linked cyber operations. With a seemingly legitimate attachment, the attackers were able to implant malicious software on the compromised device, a tactic known to be characteristic of DPRK intrusions. This method not only signifies technical prowess but also underscores the lengths to which these actors go to ensure success in their operations.

This incident is not an isolated one. North Korea has been implicated in numerous crypto thefts, with Cointelegraph highlighting that the country was tied to $578 million of the $634 million stolen in crypto in April. Furthermore, a CertiK report mentioned North Korean actors were responsible for $2 billion of the $3.4 billion lost to crypto exploits in 2025. This concentration of activity reveals a strategic approach, focusing on both precision and scale to maximize their illicit gains.

Over the past decade, about $6.75 billion has been reportedly stolen by North Korean-linked actors across 263 incidents, according to CertiK. These operations not only represent a significant financial impact but also indicate the industrialization of cybercrime as a core state revenue mechanism for North Korea. The regime's reliance on such activities highlights the intersection of cyber warfare and economic survival in the face of international sanctions.

More from Coin Times

BUSINESS

SpaceX's IPO Unveils $1.3 Billion Bitcoin Reserve — A New Corporate Norm?

SpaceX's IPO disclosed a $1.

North Korea rarely responds to cybercrime allegations, but on May 3, a Foreign Ministry spokesperson rejected them in a statement carried by the Korean Central News Agency, the country's state media. The spokesperson accused the US of spreading "incorrect" narratives about the "non-existent 'cyber threat'" from North Korea. Despite such denials, the weight of evidence and the frequency of these incidents have not deterred the mounting accusations against the regime.

The systemic approach North Korea seems to have adopted in crypto theft is alarming to the international community. With the decentralized and relatively anonymous nature of cryptocurrencies, these thefts offer a lucrative avenue for state actors to bypass traditional financial constraints. The involvement of North Korean actors in such schemes raises significant concerns about global cybersecurity measures and the resilience of crypto platforms against such sophisticated threats.

While the direct financial losses are substantial, the broader implications of these cyber heists extend to undermining confidence in the security of blockchain technologies and crypto assets. As the sector continues to grow, so too does the potential for exploitation by nefarious actors. This necessitates a concerted effort from governments, crypto companies, and cybersecurity firms to bolster defenses and develop robust countermeasures to protect both digital assets and the integrity of financial networks.

The Humanity Protocol incident serves as a stark reminder of the vulnerabilities inherent in the digital landscape. As organizations seek to leverage the benefits of blockchain and decentralized systems, the need for rigorous security protocols and proactive threat assessment becomes ever more critical. The lessons from this breach underscore the importance of employee education, regular security audits, and the implementation of multi-layered defense strategies to mitigate the risk of such attacks.

As the international community grapples with the challenge posed by state-sponsored cybercrime, the focus must also shift towards fostering collaboration and information sharing among stakeholders. Enhanced cooperation can aid in developing a unified front against these threats, ensuring that the digital economy remains a safe and secure space for innovation and growth.