Humanity Protocol said in an investigation report that the June 8 attack was caused by a key compromise after a developer machine was infected with malware, giving the attacker full root access.
Several private keys had been inadvertently backed up to the device during the project’s mainnet launch around June 2025, including the admin hot wallet key, three ETH Safe owner keys and three BSC Safe owner keys, allowing the attacker to obtain all seven keys from a single point of compromise
The report said the incident was not a smart contract exploit, as there was no bug in the bridge, token or Safe, and the attacker’s transfers, Safe transactions and proxy upgrades were authorized with legitimate private keys. The protocol previously suffered losses exceeding $31 million in the attack. — link