Resolv Lab Suffers $25M DeFi Exploit As Attacker Turns $100K Into Millions 

March 22, 2026 CryptoExpert Uncategorized
Changelly
Bitbuy


What to know:

  • An attacker exploited a flaw in Resolv Labs’ USR minting system and used the requestSwap function to turn a $100,000 USDC deposit into nearly 50 million USR tokens.
  • The attacker quickly cashed out using KyberSwap, Uniswap, and MetaMask Swaps, converting assets into Ethereum.

By | Edited By Ammar Raza,,

Resolv Lab Suffers $25M DeFi Exploit as Attacker Turns $100K Into Millions Resolv Lab Suffers $25M DeFi Exploit as Attacker Turns $100K Into Millions

A major cryptocurrency exploit has struck Resolv Labs, raising fresh concerns about smart contract security.

An attacker was able to manipulate the platform’s USR minting system and turn a deposit of $100,000 into millions of dollars in tokens. The incident was first flagged by Arkham Intelligence and later on by another on-chain analyst known as yieldsandmore.

Tokenmetrics

According to on-chain data, the attacker deposited 100,000 USDC into Resolv’s USR Counter contract using a function that is called “requestSwap.” Shortly after the deposit, the system minted new 50 million USR tokens, which were transferred to the attacker’s wallet. This move represents an extreme overcredit, suggesting that there is a critical flaw in how the protocol calculates or validates minting amounts.

The transaction details also show that the minting process may have been compromised at a key step. The platform’s swap system operates in two stages: requestSwap and completeSwap. 

Somewhere between these steps, the transaction appears to have been manipulated or incorrectly approved, allowing a mismatch between the deposit and the tokens issued. 

Also Read: Cryptocurrency Scam Hits Retired Hong Kong Woman, Causing 6.6 Million Yuan Loss

How Resolv Labs Attacker Cashed Out

After receiving the inflated amount of USR tokens from Resolv Labs, the attacker moved to convert them into assets that are more liquid and easy to sell off. First of all, a large amount of the USR was wrapped into another token known as wstUSR, and it is a token that provides more access to DEX. 

How Resolv Labs Attacker Cashed OutHow Resolv Labs Attacker Cashed Out

Source: D2_Finance

The attacker also sold the USR token across different platforms, including KyberSwap, Uniswap, and MetaMask Swaps. Due to the amount of selling that was done at once, the prices of the token dropped significantly with trades executed at significant discounts and also increasing slippage as liquidity dried up.

Finally, the attacker converted a huge portion of the stolen asset from Resolv Lab into Ethereum, moving millions worth of stablecoins into ETH in rapid succession. Several transactions failed during this phase, indicating the urgency and liquidity constraints while the hacker managed to exit their positions.

At the time of reporting, the total value extracted is estimated to exceed $25 million, with the attacker still actively offloading the remaining assets. 

Also Read: Fidelity Pushes SEC to Create Stronger Crypto Rules 



Source link

Binance

Be the first to comment

Leave a Reply

Your email address will not be published.


*