Resolv Labs moved its operations on Sunday to reassure users after an exploit hit the USR stablecoin’s issuance mechanism, knocking the token off its dollar peg and forcing decentralized finance (DeFi) protocols to act quickly to contain any fallout.
Cointelegraph reported earlier on Sunday that an attacker exploited USR coin minting mechanics by creating tens of millions of unsecured tokens and dumping them into DeFi pools, breaking the stability of the stablecoin and prompting Resolv to pause the protocol’s functions to assess the damage.
According to CoinGecko data, after the exploit the token’s price dropped to $0.14 (86% below the intended price of $1) before rising to $0.42 at the time of writing.
In recent statement in case Work is ongoing to limit the spread of pollution and assess the effects.
Onchain data from Arkham, confirmed by Web3 security firm Cyvers, showed that the attacker converted most of the minted USR into Ether (ETH), selling some of the loot for approximately 11,400 ETH (approximately $24 million). Independent analysts too excellent that the remaining $36.74 million “continued to be dumped on an ongoing basis.”
Michael Pearl, vice president of GTM and strategy at Cyvers, told Cointelegraph that because supply increased faster than the market could absorb and the token immediately weakened, the value of the remaining tokens dropped significantly.
Related: Google Intel Threat Tags Cryptography Stealing ‘Ghostblade’ Malware
DeFi protocols are moving to stem the fallout
Decentralized finance (DeFi) protocols with exposure to Resolv have been racing to clarify their position. Lido’s floating rate provider he said that Lido Earn users’ funds are sheltered. Morpho co-founder Merlin Egalite stressed that the lending protocol’s own contracts were not affected and that only some vaults were exposed, while Aave founder Stani Kulechov he said that the platform was not directly exposed to the USR and that Resolv was repaying its outstanding debt.
X-account “yieldsandmore” pointed to potential losses in the junior tranche of RLP Resolv, highlighting a possible knock-on effect on yield platforms such as Stream and yoUSD that used RLPs as collateral.
Pearl told Cointelegraph that based on available data, exposure appears “relatively concentrated” in credit markets and leverage loops “rather than the overall system,” and primarily on protocols integrating USR, wstUSR or RLP in credit, leverage or yield strategies.
Related: Immunefi’s report shows that the number of hacked crypto tokens drops by an average of 61% and they are rarely recovered
He said several protocols such as Euler, Venus, Lista and Fluid have taken preventive actions such as pausing markets or isolating vaults, while others have declared no exposure. “It is more appropriate to describe the risk as concentrated and related to the local spread of the virus, rather than as a spreading infection,” he said.
Ledger CTO Charles Guillemet, too rated fallout on X, stating that due to the relatively compact size of the USR, it is “not a Terra Luna-type event.”
Questions about the limitations of security audits
Resolv shrewd contracts have been through a lot audits from 2024, but Pearl said that while the audits are “necessary”, they are also “inherently static in nature and limited in scope”. He argued that artificial intelligence-based real-time monitoring is needed to “continuously analyze protocol activity” and detect emerging anomalies.
Specifically for stablecoin systems, he said this means monitoring coin flows and burns for expected behavior in real time, constantly checking supply against reserves and backing assets, and detecting anomalies in oracle inputs, prices and liquidity conditions.
Pashov security company, which audited Resolv staking module told Cointelegraph in July 2025 that Resolv’s design was “good” and that the root cause was “not so much the design but a private key compromise,” which likely represented an operational security flaw. “We need to understand how this happens,” he said.
Cointelegraph reached out to Resolv Labs for comment but did not receive a response via publication.
AI Eye: IronClaw competes with OpenClaw, Olas runs bots for Polymarket
