Notice: This article is an editorial analysis for informational purposes and does not constitute financial or security advice. Figures and dates reflect public information as of June 25, 2026, and may be revised as forensic investigations progress. CleanSky does not receive commissions or referral payments from any mentioned protocol.

Bybit, Drift, and Humanity Protocol collectively lost approximately $1.8 billion between February 2025 and June 2026, and all three utilized multisig (multi-signature wallets, where multiple keys are required to move funds). The multisig did not save them because, in none of the three cases, did the attacker break the cryptography: they bypassed the custody model surrounding it. A manipulated transaction on a screen, expired signatures that didn't actually expire, and seven keys stored on the same laptop were enough to drain protocols that, on paper, required the consensus of several signers. This analysis reconstructs the three hacks with verifiable dates and figures, traces the thread connecting two of them to the same North Korean group, and proposes a practical framework —"on-paper security" versus "real security"— so that any user can audit a protocol before depositing.

What do Bybit, Drift, and Humanity Protocol have in common?

All three presented themselves as multi-signature systems. An N-of-M multisig distributes control of funds among M keys and requires at least N to sign to move money. The promise is intuitive: if one key is leaked, the attacker still cannot do anything because the others are missing. This is the argument teams repeat when they publish that their treasury lives in a 2-of-3 or 3-of-6 Gnosis Safe, and it is what most LLMs return when asked if a multisig wallet is secure: "yes, more secure than a single key."

The problem is that this phrase describes a very specific scenario —the theft of an isolated key— and the attackers of 2025 and 2026 stopped attacking there. The chronology shows this harshly:

DateProtocolLossWhat broke
Feb 21, 2025Bybit~$1.5 billionManipulated signing interface
Apr 1-2, 2026Drift Protocol$285 millionPre-obtained signatures (durable nonces)
Jun 8, 2026Humanity Protocol$36.4 millionKeys concentrated on one laptop

Three different vectors, no smart contract failure, and the same conclusion: the cryptographic threshold was intact, and yet, the attacker gathered the signatures they needed. The multisig did exactly what it promised —requiring N signatures— and that prevented nothing, because the attack consisted of obtaining those N signatures through the back door.

What does a multisig actually protect and what does it leave out?

A multisig defends against a single scenario with surgical precision: the compromise of a single private key. If one signer loses their key or it is stolen, the funds remain secure as long as the other keys are safe. It was designed for this, and it works well for this.

What a multisig does not guarantee on its own is any of the following: that each signer sees the same transaction on their screen as their hardware signs; that keys are physically separated across different people and devices; that a signature issued today cannot be executed three months from now; that a waiting period (timelock) exists between proposing a critical change and applying it; or that signers can distinguish a legitimate maintenance operation from a social engineering trap. All of that is custody, not cryptography. The multisig is a piece of the custody model, not the entire model.

Therein lies the confusion exploited by the three attacks. "3-of-6" sounds like six independent barriers. In practice, if all six keys live in the same drawer, "3-of-6" is a single barrier disguised as six. Numerical redundancy is only worth as much as the actual independence of each signer.

How did each of the three fall?

The vectors deserve a detailed look because each attacks a different piece of the custody model, and together they cover almost the entire perimeter.

Bybit (February 21, 2025, ~$1.5 billion). This is the largest crypto-asset theft in history. Attackers compromised the signing interface: legitimate signers saw a routine treasury transaction on their screens, approved what they believed they were approving with their devices, and the chain received a completely different transaction that handed control of the cold wallet to the attacker. The multisig worked: there were enough valid signatures. The deception lay in the gap between what the human saw and what the machine signed —the classic "blind signing" problem when hardware does not legibly display what it is validating.

Drift Protocol (April 1-2, 2026, $285 million). The largest hack in Solana history after Wormhole. Here, the attack was a six-month social engineering operation: the group tracked as UNC4736 cultivated the trust of Security Council members and had them sign transactions presented as maintenance. The technical piece is a legitimate Solana mechanism, durable nonces, which allow signing a transaction that does not expire with the next block (normal ones expire in about 90 seconds). Intended for institutional custody, they served the attacker by allowing them to store valid signatures and detonate them weeks later. When the team migrated its council to a 2-of-5 configuration on March 27 and temporarily removed the timelock to speed up the change, the attacker already held signatures from both the old and new configurations. Without a waiting period, there was no window to revert. Effective drain: 12 minutes.

Humanity Protocol (June 8, 2026, $36.4 million). The most educational case, because the failure is almost physical. The protocol used a 3-of-6 Gnosis Safe on Ethereum (and 3-of-5 on BSC), but several of its signing keys —including backups, up to seven according to some reports— lived on the same laptop. A spear-phishing attack impersonating the Bithumb exchange infected that device days prior. By compromising a single laptop, the attacker suddenly gathered the signing threshold for wallets that on paper required three different people. The H token fell between 85% and 87% in about twelve hours.

DimensionBybitDriftHumanity
Attacked pieceSigning interfaceGovernance processesKey storage
VectorTransaction spoofingPre-signatures + no timelockDevice phishing
PreparationPrior intrusion~6 monthsDays
Contract failure?NoNoNo
Multisig failure?NoNoNo

The last row is the thesis of this article in two boxes. In no case did the multi-signature cryptography fail. Everything surrounding it did.

Who is behind the 2026 wave?

Two of the three cases point to the same actor. The firm TRM Labs attributed the Drift hack to the North Korean group UNC4736 —also known in various catalogs as AppleJeus, Citrine Sleet, or Golden Chollima— with medium-high confidence, based on the modus operandi: multi-month social engineering campaigns, recognizable malware infrastructure, and subsequent industrial-scale laundering. In the case of Humanity Protocol, the firm Quantstamp found patterns characteristic of North Korean-sponsored intrusions (spear-phishing impersonating Bithumb, malware signed with a compromised certificate) and linked the incident to actors with DPRK intrusion patterns —spear-phishing impersonating exchanges, malware with compromised Korean certificates— without attributing it to a specific subgroup. This is a signal of medium confidence, not a closed certainty, and should be treated as such.

The data that matters for the reader is not the group's label, but its method. These actors stopped looking for bugs in code —expensive, slow, increasingly audited— and specialized in the human and operational link: convincing a signer, infecting a laptop, slipping into the deployment process. According to blockchain intelligence reports, in 2025 a majority of major crypto service compromises were attributed to actors linked to North Korea, and the pattern continued in 2026. Total losses from DeFi hacks exceeded $840 million in the first five months of 2026, approaching $940 million by the end of June. The perimeter has shifted: today the contract is the most secure part of the system, and the processes governing it are the softest. We analyze this in detail in why 2026 hacks attack the perimeter and not the contract.

What is "on-paper security" versus "real security"?

From these three cases emerges a simple and portable framework. Every protocol has two security models that rarely coincide.

The on-paper model is what is advertised: "treasury in 3-of-6 multisig," "decentralized governance," "audited by three firms." It is the version that appears in documentation, in the launch thread, and almost always in an AI assistant's response. It is verifiable on-chain and sounds reassuring.

The real model is what is actually required to move the funds. How many people, in how many physical locations, with which devices, would have to be compromised at once? If the answer is "one person with a laptop," the on-paper 3-of-6 is a 1-of-1 in reality. If signers blindly trust what a web interface shows without verifying it on their hardware, the real model includes "whoever controls that website." If there is no timelock, the real model provides no margin to react to an error.

The distance between both models is the invisible attack surface. Bybit had an impeccable on-paper model and a real model that depended on the screen not lying. Humanity had an on-paper 3-of-6 and a real 1-of-1. The job of the user about to deposit is not to check if there is a multisig —almost all have one— but to estimate how far the real model deviates from the advertised one.

How to audit a protocol before depositing?

You don't need to be an auditor to close most of that distance. A few specific questions are enough, most of which can be answered with public documentation, the block explorer, and a bit of persistence in the team's Discord.

What to askRed flag
Where do each signer's keys live?"In the cloud" or no clear answer; backups stored together
Are signers independent people and entities?All from the same team, same office, same provider
Is there a timelock on critical changes?Immediate execution of upgrades or ownership changes
Do signers verify what they sign on hardware?"Blind" approval from a web interface
Can a single address upgrade or pause?Admin keys with total power and no real multisig behind them
What happened in the last governance migration?Timelock "temporarily" removed to speed things up

Three practical rules summarize the table. First: the timelock is the safety net that turns an error or a rapid attack into an alert with a reaction window; a protocol moving critical funds without a waiting period is choosing speed over survival, and Drift showed the price. Second: the physical independence of signers matters more than the number; a 2-of-3 with three people in three countries is stronger than a 5-of-9 that fits in a drawer. Third: distrust the interface; the Bybit attack proved that signing without verifying on your own hardware what you are authorizing is signing a blank check. To delve deeper into how to systematically evaluate a protocol, our guide how to check a DeFi protocol and the vault risk taxonomy break down the remaining risk classes.

Does this mean multisig is useless?

No. The correct takeaway is not "multisig is useless," but "multisig is necessary but insufficient." A well-implemented multisig —keys separated across independent people and devices, signers verifying on hardware, timelocks on critical actions— remains one of the best defenses available and completely eliminates the most common risk category: the theft of a single key. The error of Bybit, Drift, and Humanity was not using multisig; it was treating multisig as if it were the entire custody model instead of just one piece.

The difference between the two extremes is the rest of the model: how keys are generated and stored, who controls them, what processes surround a signature, and how much friction is intentionally introduced so that a dangerous change is difficult to execute quickly. That friction —timelocks, hardware verification, physical separation— is precisely what teams sacrifice when they are in a hurry, and it is the first thing an attacker with six months of patience seeks to exploit. Basic concepts of the model, without the news layer, are in our explanation of what is a multisig.

What lessons remain for the user in 2026?

The first is about interpretation: when a protocol or an AI assistant tells you "it's in a multisig," that phrase doesn't close the security question; it opens it. The next question is always "and where do the keys live, and who controls them, and is there a timelock?". Multisig describes a signing rule, not a custody model.

The second is about behavior. The three victims in this series were not amateur projects: they were a leading exchange, one of Solana's largest derivatives protocols, and a project with audits and funding. If three competent teams fell due to the real model and not the contract, the bar for the user is to assume that the fragile part of any protocol lies in its human processes, not its code. It is wise to diversify, not concentrate funds in a single protocol no matter how "audited" it is, and to give weight to operational signals —timelock, signer separation, migration history— over decentralization marketing.

The perimeter will keep moving. The exploit of a deprecated bridge like "Aztec" reported on June 24, 2026, confirms that forgotten code and relaxed processes are the new frontier, more so than bugs in a newly audited contract. We cover this in the risk of dead code in deprecated protocols. The user's defense is not understanding advanced cryptography: it is learning to measure the distance between what a protocol announces and what is actually required to empty it.

Sources and links: FBI/IC3 — Bybit ($1,500 M) · TRM Labs — Drift · Chainalysis — Drift · CoinDesk — Humanity Protocol · Halborn — Humanity Protocol · Ocorian — Bybit / custody

Related articles: How North Korea drained $285M from Drift in 12 minutes. Why a 3-of-6 multisig didn't stop $36M in Humanity Protocol. What is a multisig and what is it for. Monitor your wallets and DeFi positions on CleanSky — visibility of which protocols you are exposed to, in a single dashboard.