Humanity Protocol Launches New H Token Airdrop After $36M Exploit

Humanity Protocol has announced a full token migration and 1:1 airdrop of a new H token, the project's first concrete step to compensate holders after the $36 million exploit on June 8.

The team posted the recovery plan on X on Monday. It confirmed that the former H token on Ethereum, BNB Chain, and Humanity Mainnet has been sunsetted and replaced with a newly audited ERC-20 contract deployed on Ethereum.

New tokens will be airdropped 1:1 to holders based on snapshots taken on Ethereum, BNB Chain and Humanity Mainnet, on June 8, just before the exploit. The H token was down roughly 27% on Monday to around $0.22, per CoinGecko, and has lost about 73% from its June 2 all-time high of $0.84.

"We know the wait has been hard, and your patience through this has meant everything to us," Humanity Protocol said.

Who Gets the Airdrop Automatically

Standard externally owned accounts holding H on any of the three chains at snapshot time will receive the new token directly, with no action required. Wallets linked to the attacker and addresses identified by security firm Quantstamp during the post-exploit investigation have been excluded.

H held inside liquidity pools, vaults, or smart contracts at the snapshot cannot be automatically attributed to individual holders. Those balances will move to a vault, and the project said it will coordinate with affected parties on distribution.

Claims Fund for Complex Cases

Humanity Protocol has established a separate H Compensation Fund to handle situations the automated airdrop cannot cover. The three categories are: holders with H in third-party protocol integrations, decentralized liquidity pool exposure, and users who bought H after the June 8 snapshot and still hold the token.

Post-snapshot buyers seeking compensation must complete identity verification before any funds are processed. The project cited the DPRK affiliation flagged by Quantstamp as the reason for the compliance requirement.

"Because the exploit has been linked to DPRK-affiliated actors, we are working closely with the relevant authorities on AML compliance," Humanity Protocol said.

Quantstamp's investigation summary, published through Humanity Protocol's own website on June 11, traced the attack to a phishing email impersonating South Korean exchange Bithumb, which installed malware on a director's Windows machine and gave attackers remote access to private keys. The breach drained approximately 141.18 million H tokens from an Ethereum bridge and enabled the minting of about 100 million additional tokens on BSC. The attacker signed the malware with a Hancom digital certificate, a method Quantstamp described as "characteristic of DPRK intrusions."

Mainnet Relaunch Ahead

Humanity Protocol said it plans to relaunch Humanity Mainnet in the coming weeks, with the new H token serving as the native gas token. The project is coordinating with centralized exchanges, bridge providers, and liquidity partners on the migration timeline. Exchange users should follow their own platform's announcements for token migration instructions.

The project warned holders to avoid fake airdrop or claim links, stating official communications will only come from verified Humanity Protocol channels.

What Remains Unresolved

The stolen funds have not been recovered. Quantstamp's investigation noted attacker-controlled wallets held over $21 million in ETH at the time of its June 11 report, with BNB-side proceeds still being tallied.

The compensation fund does not specify how post-snapshot buyers are individually evaluated beyond identity verification. Humanity Protocol has also not disclosed the total H token balance sitting in smart contracts that will transfer to the vault.

The Defiant's original June 9 coverage documented the initial breach. The project's Quantstamp forensics and Monday's compensation announcement mark the two concrete public steps taken since.