An ongoing exploit is affecting StablR, causing its Euro and USD stablecoins to lose stability, and is being blamed for a private key compromise, adding to this month’s list of hacks and exploits.
The blockchain security company said on Sunday that its exploit detection system had identified an ongoing exploit at issuer StablR, which has so far extracted about $2.8 million.
The suspected cause is a single-owner private key compromise on a multi-mint signature account that used a frail 1 of 3 threshold. he stated Blockade.
The attacker added himself, replaced the remaining owners and minted USDR 8.35 million and EURR 4.5 million, causing a depeg of the stablecoins.
The attacker then converted about $10.4 million worth of minted tokens on decentralized exchanges for just 1,115 ETH, or about $2.8 million, due to low liquidity.
“This is not a smart contract failure — it is a key governance and management failure,” Blockaid said.
May was a bad month for crypto and DeFi exploits – there have been over a dozen sedate incidents so far, According to to DeFiLlama. Some larger ones included THOR Chain, Verus BridgeEcho and Polymarket Protocol.
Depeg euro and dollar stablecoins StablR
According to CoinGecko, euro stabilcoin StablR, EURR, which has a market capitalization of $14 million, lost 23% of its value, which reduced the value of the asset from $1.15 to $0.88 on EUR/USD markets.
Meanwhile, USDR’s USD stablecoin StablR, with a market capitalization of $11 million, fell 30% to $0.70 amid the ongoing incident on Sunday morning.
Related: Map Protocol token drops 96% after quadrillion Mint tokens are used
StablR issues regulated, collateralized stablecoins pegged to the Euro and USD, with reserves held in segregated accounts at leading institutions. They emphasize regulatory compliance, transparency through proof of reserves, and availability on Ethereum and Solana.
The world’s largest stablecoin issuer, Tether, invested at StablR in December 2024
There have been no updates to the StablR X source at the time of writing.
EURR drops to 23%. Source: Platypus
The number of DeFi exploits continues to grow
Compromised private keys are becoming a common attack vector, and several DeFi protocols are being exploited recently due to mismanagement.
Volo Vault, Wasabi Perps, Echo Bridge and Polimarket in the last two months, all of them were attacked by private or administrative key exploits.
Meanwhile, Bitcoin’s cross-chain bridge map protocol was exploited by a clever contract bug on Wednesday, May 21, when an attacker minted a trillion MAPO tokens.
Warehouse: DeFi’s billion-dollar secret: the insiders behind the hacks
