What to know:
- StablR was exploited after attackers compromised a multisig private key and minted millions of fake EURR and USDR stablecoins.
- The exploit caused both stablecoins to lose their pegs as attackers swapped the tokens on decentralized exchanges, extracting nearly $2.8 million.
- The incident highlights growing DeFi security risks tied to weak private key management and governance controls.
StablR suffered a major exploit after attackers reportedly compromised a multisignature private key and minted millions of unauthorized EURR and USDR stablecoins.
The incident caused both assets to sharply depeg as attackers swapped the tokens on decentralized exchanges. The exploit added to growing concerns over weak private key management and rising DeFi security breaches this month.
StablR Exploit Triggers Stablecoin Depeg
Crypto security firm Blockaid reported an ongoing exploit targeting stablecoin issuer StablR on Sunday. The incident affected both the platform’s Euro-backed EURR token and dollar-backed USDR token.
Around $2.8 million had already been extracted when the exploit was detected. According to the investigation, the attack originated from a compromised private key connected to StablR’s minting multisignature wallet, affecting both EURR and USDR stablecoins.
The system reportedly operated with a weak one-of-three approval threshold, allowing a single compromised signer to gain control. The attacker allegedly inserted their own address, removed existing owners, and minted millions of EURR and USDR tokens without authorization.
Blockchain analysts stated that 8.35 million USDR and 4.5 million EURR were created during the exploit. The newly minted EURR and USDR assets were later swapped on decentralized exchanges.
However, thin liquidity significantly reduced the final value received from EURR and USDR trading. Although the attacker minted EURR and USDR tokens worth about $10.4 million, the swaps generated only around 1,115 ETH, valued at nearly $2.8 million.
Security researchers stressed that the issue was not related to a flaw in smart contract code. Instead, the exploit highlighted weaknesses in governance controls and private key management systems.
Also Read: Solv Protocol Migrates $700M BTC Assets to Chainlink CCIP
EURR and USDR Lose Their Pegs
The exploit immediately impacted both StablR stablecoins in the market. EURR, which carries a market capitalization of roughly $14 million, dropped about 23%. The token lost its peg and traded near $0.88 against its intended Euro-linked valuation.
The price of USDR fell even further due to the situation. Previously worth around $11 million prior to the hacking incident, the stablecoin fell by almost 30% to trade at around $0.70 on Sunday morning.
StablR claims to be an authorized stablecoin issuer whose coins are backed by Euro and dollar collateral. According to StablR, their reserve assets exist in segregated institutional wallets and are distinguished by transparency in proof-of-reserve mechanisms. StablR stablecoins function within the Ethereum and Solana blockchains.
This project received additional attention due to the involvement of Tether as an investor in December 2024. At the time of writing this article, no statements had been released by the company on its X account.
DeFi Security Incidents Continue Rising
However, the StablR hack adds to an already growing list of crypto attacks reported in May. Statistics from DeFiLlama reveal that over a dozen crypto hacks were recorded this month.
Recently reported security breaches caused by the compromise of private keys/admin keys have affected projects like Volo Vault, Wasabi Perps, Echo Bridge, and Polymarket.
This week, another attack took place targeting Map Protocol, where an attacker took advantage of a bug in a smart contract and created one quadrillion MAPO tokens.
Also Read: ROSE Price Analysis: Consolidation Hints at an Explosive Breakout Rally to $1
Be the first to comment