The crypto industry has once again fallen victim to a major security incident. Humanity Protocol has revealed that approximately $36 million worth of H tokens may have been stolen by hackers linked to North Korea.

According to information released by the company, the attackers did not exploit any smart contract or blockchain vulnerabilities, but rather gained access to crucial private keys through an affected developer's computer.

Investigations revealed that a developer’s computer was infected with malware. On the same device, seven critical private keys were stored, which were accidentally left behind as a backup during the mainnet launch. Those keys included access to the admin wallet and various multi-signature accounts.

Using those stolen keys, hackers carried out transactions that looked completely legitimate and moved approximately 141 million H tokens from the Ethereum Bridge. Afterwards, additional tokens were minted on the BNB Smart Chain and a large amount of assets were converted into ETH.

After this incident, the market saw a strong reaction. The H token’s price dropped by 80 to 90 percent within a few hours, causing significant losses for investors. Although the price later saw some recovery, the token is still trading well below its previous level.

Cybersecurity firm Quantstamp says that the methods used in this attack resemble the activities of hacking groups linked to North Korea in the past. However, some independent researchers say that further confirmation is needed regarding claims of state-level involvement.

This incident provides an important lesson that simply securing the blockchain and smart contracts is not enough. If private keys and internal systems are not secured, crypto assets worth billions of dollars could be at risk.

The growing number of cyber attacks in the crypto industry is a reminder that security must be the top priority for every project.