Crypto thefts fall 7% in June to $76M, Humanity Protocol tops list
A private key compromise on a developer's machine handed attackers control of Humanity Protocol's hot wallets, bridges, and token minting functions.
June was a relatively quiet month for crypto theft, at least by recent standards. Total losses across the sector came in at roughly $75.9 million, spread across 40 separate incidents affecting 28 protocols. That figure is down about 7% from May.
Q2 2026 logged nearly $775 million in total hack losses, making it the worst quarter on record for crypto security.
How Humanity Protocol lost control of everything at once
The single largest incident in June wasn’t a clever smart contract exploit or a flash loan attack. It was something more embarrassingly fundamental: compromised private keys stored on a developer’s laptop.
On June 8 and 9, attackers breached Humanity Protocol after malware on a developer’s machine exposed seven private keys tied to critical system functions. Attackers drained the project’s hot wallets, seized control of bridges operating on both Ethereum and BNB Chain, and minted roughly 447 million H tokens. Estimates of total losses from the incident range from $31 million to $36 million.
The H token’s market reaction was immediate and brutal. The price dropped between 80% and 90% as hundreds of millions of freshly minted tokens flooded the market. For a project that had raised funding at a $1.1 billion valuation, it was a dramatic reversal.
Humanity Protocol had positioned itself as a decentralized identity platform built around palm-scanning technology, drawing frequent comparisons to Worldcoin.
Investigators subsequently ruled out an insider job. The attack has been linked to actors associated with the North Korean Lazarus Group.
Humanity Protocol has since outlined recovery plans that could include a 1:1 airdrop of a new token to affected users.
The broader picture: a record quarter, a modest monthly dip
Humanity Protocol’s losses accounted for a substantial portion of June’s total, but the remaining $40-plus million was spread across 27 other protocols. PeckShield tracked the incidents, putting the final monthly tally at $75.9 million across 40 events.
Private key compromises have become one of the dominant attack vectors in crypto, precisely because they bypass the need to find logical flaws in code. Stealing a private key from a developer’s computer requires malware, patience, and a target who hasn’t isolated their signing keys from their general-purpose work machine.
What investors and builders should watch
Bridges are disproportionately targeted because they hold large pools of assets and often rely on a small number of validator keys or multisig setups. The Harmony Horizon bridge, Ronin Network, and now Humanity Protocol have all demonstrated this pattern at scale.
The Lazarus Group attribution is also worth tracking separately. State-sponsored hackers operate with different incentives than opportunistic thieves, and their continued focus on crypto infrastructure, particularly bridges and developer endpoints, is consistent with their documented playbook.
For Humanity Protocol specifically, the H token’s 80-90% decline represents real losses for holders, and a new token issued by the same team faces an immediate credibility challenge.