Quantstamp has stated that the $36 million hack of Humanity Protocol may be connected to North Korean hackers. According to the company, the attack began with a phishing email disguised as coming from Bithumb, containing a malicious attachment that installed malware and granted the attackers full remote access to an employee's laptop. Through this access, the attackers obtained credentials and private keys for the project director's wallet. The malware was signed with a South Korean digital certificate from Hancom, which experts identified as a typical indicator of North Korean operations.