Humanity says it is developing a victim recovery plan

Odaily Planet Daily News: Humanity released a post-mortem report on the H token security incident from June 8 to 9, stating that the incident was not a smart contract vulnerability, but was caused by private key leakage resulting from malware intrusion into a developer's device. Humanity stated that the attacker still holds ProxyAdmin permissions for the ETH bridge and BNB Chain tokens. Preliminary investigations confirmed that a colleague's device was infected with malware, through which the attacker obtained the administrator's hot wallet private key and 6 Gnosis Safe signing private keys. The team has hired an external security firm to conduct a forensic investigation and stated that it is developing a recovery plan for affected users.