Foundation key compromise drained $30M+ from 280+ wallets and minted 100M unauthorized tokens
On June 9, 2026, Humanity Protocol suffered a catastrophic security breach when foundation keys were compromised. The attacker used these keys to drain over 280 user wallets across Ethereum and BNB Chain, extracting more than $30 million in various tokens. Simultaneously, the attacker minted 100 million unauthorized tokens on BNB Chain, causing immediate price collapse. The foundation acknowledged the compromise and initiated emergency measures including contract pauses and a recovery plan.
The attacker moved stolen funds rapidly across chains using bridges including Wormhole and Celer. On Ethereum, funds were consolidated and swapped for ETH before depositing into Tornado Cash. The minted BNB Chain tokens were dumped through PancakeSwap liquidity pools, with proceeds bridged to Ethereum. The scale and speed of the operation suggested a well-prepared attacker with automated tooling.