The Decentralized Finance sector is once again under scrutiny after a rapid security breach drained about $25 million from a major protocol, exposing persistent vulnerabilities and renewing concerns about structural risks across the broader DeFi market.
According to details shared by industry participants, the exploit targeted the stablecoin protocol Resolv, which had accumulated more than $500 million in total value locked (TVL) prior to the attack.
The exploit was unusual because it did not rely on a common vulnerability such as a flash loan attack or a reentrancy bug. Instead, the attacker reportedly gained control of a privileged private key associated with a service role in the protocol’s infrastructure.
With that access, the attacker was able to execute a function in the protocol’s minting contract, allowing new tokens to be issued without strict safeguards.
The absence of limits on minting ratios, price oracle checks, or on-chain supply caps meant that once the key was compromised, the system could be manipulated without triggering built-in protections.
As a result, using only about $100,000 in USDC-denominated collateral, the attacker minted approximately 80 million units of the protocol’s stablecoin, USR.
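The missing guards described above, as an added sketch that is not Resolv's contract code: a Python model of a role-gated mint function with and without a collateral-ratio check, oracle-based collateral valuation, and an on-chain supply cap. The class, the limits and the starting supply are assumptions made for illustration; the replay uses the article's approximate figures.

```python
from dataclasses import dataclass


class MintRejected(Exception):
    """An on-chain guard refused the mint request."""


@dataclass
class Minter:
    """Toy model of a mint function callable only by a privileged service role."""
    guarded: bool
    total_supply: float = 500_000_000  # constructed starting supply
    supply_cap: float = 550_000_000    # hypothetical hard cap on total supply
    max_ratio: float = 1.0             # hypothetical: 1 unit minted per $1 of collateral
    oracle_price: float = 1.0          # hypothetical oracle quote, USD per USDC

    def mint(self, has_service_key: bool, collateral_usdc: float, amount: float) -> float:
        # Role check: the only control a compromised service key still passes.
        if not has_service_key:
            raise MintRejected("caller lacks service role")
        if self.guarded:
            # Value the collateral from the oracle, not from the caller's request.
            collateral_usd = collateral_usdc * self.oracle_price
            if amount > collateral_usd * self.max_ratio:
                raise MintRejected("mint exceeds collateral ratio")
            if self.total_supply + amount > self.supply_cap:
                raise MintRejected("mint exceeds supply cap")
        self.total_supply += amount
        return self.total_supply


def replay_incident(guarded: bool) -> str:
    """Replay the article's figures: ~$100,000 collateral, ~80 million USR requested."""
    minter = Minter(guarded=guarded)
    try:
        minter.mint(has_service_key=True, collateral_usdc=100_000, amount=80_000_000)
        return "minted"
    except MintRejected as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    print("unguarded:", replay_incident(False))
    print("guarded:  ", replay_incident(True))
```

With the guards enforced in the mint path itself, a stolen key can still call the function but cannot mint beyond what the collateral and the cap allow.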
Those newly minted tokens were then converted into other assets through liquidity pools and decentralized exchanges. Within minutes, the attacker cycled the funds through multiple swaps, eventually converting the proceeds into Ether.
The rapid sequence of transactions triggered a collapse in the token’s market value. On Curve pools, USR plunged to just a few cents, a dramatic break from its intended $1 peg.
Observers noted that the entire chain of events, from the initial minting transaction to the stablecoin’s sharp devaluation, occurred in under 20 minutes.
What has unsettled many in the crypto industry is that the protocol had undergone extensive security reviews prior to the breach. Reports indicate the system had been audited multiple times by several security firms and was covered by a substantial bug bounty program designed to reward researchers who identified vulnerabilities.
Despite these precautions, the attack demonstrated that traditional auditing processes may not be sufficient to safeguard complex DeFi systems. Security audits typically review smart contract code at a specific moment in time, but they may not fully account for operational risks such as compromised infrastructure keys or misconfigured permissions.
The incident has sparked renewed debate about the limitations of relying solely on audits and bug bounty programs as primary security measures.
Analysts argue that modern DeFi protocols operate within interconnected ecosystems in which risks extend beyond individual smart contracts to encompass operational infrastructure, governance controls, and cross-protocol dependencies.
Meanwhile, industry participants have also pointed to the cascading effects that such exploits can trigger across the broader DeFi landscape. In this case, several lending vaults and liquidity pools with exposure to USR-related assets were indirectly affected when the token lost its peg. Some automated curator systems reportedly continued allocating funds to affected markets even after the exploit had begun, amplifying the damage.
Data from blockchain security firms suggests the problem is worsening. Losses from DeFi exploits have already surpassed $130 million in the first quarter of 2026, exceeding the total recorded during the same period last year. The Resolv incident now joins a growing list of high-profile breaches that have collectively shaken investor confidence.






