An ongoing exploit targeting StablR has resulted in the depeg of both its Euro and USD stablecoins, with approximately $2.8 million extracted so far. Blockchain security firm Blockaid identified the attack on Sunday, attributing the breach to a compromised private key within the stablecoin issuer’s minting multisignature account. The incident adds to a growing list of DeFi exploits plaguing the crypto ecosystem this month, highlighting critical vulnerabilities in key management practices across the industry.
According to Blockaid’s analysis, the attacker gained access to one owner’s private key in a weak 1-of-3 multisig threshold setup. The perpetrator then added themselves as a signer, replaced the other owners, and minted 8.35 million USDR tokens alongside 4.5 million EURR tokens. This unauthorized minting totaled approximately $10.4 million in value, which the attacker subsequently swapped on decentralized exchanges for roughly 1,115 ETH, equivalent to $2.8 million at current prices.
The significant difference between the minted value and the amount recovered highlights the impact of thin liquidity on decentralized exchanges. “This is not a smart contract bug, it’s a key management and governance failure,” Blockaid stated, emphasizing that the vulnerability stemmed from operational security lapses rather than code defects. The incident underscores how even well-intentioned multisig protections can fail when threshold requirements are set too low.
See also: EUR/USD Weekly Analysis: Dollar Strength Tests Euro Support at Critical Juncture
StablR’s EURR token, which carries a $14 million market capitalization, lost 23 percent of its value following the exploit. The asset depegged from its intended $1.15 EUR/USD peg to just $0.88, according to data from CoinGecko. Meanwhile, the USDR stablecoin, with an $11 million market cap, experienced an even steeper decline of 30 percent, plummeting to $0.70 during the Sunday morning incident.
StablR positions itself as a regulated stablecoin issuer offering collateralized tokens pegged to both the Euro and US Dollar. The platform maintains reserves in segregated accounts at top-tier financial institutions and emphasizes regulatory compliance and transparency through proof-of-reserves attestations. StablR’s tokens are available on both Ethereum and Solana blockchains, providing users with cross-chain accessibility. Notably, Tether, the world’s largest stablecoin issuer, invested in StablR in December 2024, lending credibility to the platform before this security incident.
May 2026 has proven to be a particularly challenging month for the DeFi sector, with over a dozen major exploits reported according to DeFiLlama data on similar incidents. Significant attacks have impacted THORChain, Verus Bridge, Echo Protocol, and Polymarket, among others. The frequency and scale of these exploits suggest systemic issues within DeFi infrastructure that extend beyond individual protocol vulnerabilities.
See also: THORChain Halts Trading After Suspected A $10 Million Exploit
Compromised private keys have emerged as a particularly common attack vector in recent weeks. Volo Vault, Wasabi Perps, Echo Bridge, and Polymarket all fell victim to private or admin key exploits over the past two months. This pattern indicates that many DeFi protocols have not adequately addressed operational security concerns, despite the high-value targets they represent. The reliance on multisignature wallets, while theoretically sound, often breaks down in practice due to poor threshold configurations or inadequate key management procedures.
The StablR incident also reflects broader concerns about stablecoin security and the regulatory landscape surrounding digital assets. As noted in recent regulatory developments, central banks and financial authorities are increasingly scrutinizing stablecoin issuers. Operational failures like this one may intensify regulatory pressure on the sector, potentially leading to stricter compliance requirements and security standards.
At the time of reporting, StablR had not issued any official statements regarding the exploit or recovery efforts through its social media channels. The lack of immediate communication from the team may further erode user confidence in the platform. As the DeFi ecosystem continues to mature, incidents like the StablR exploit serve as stark reminders that technical sophistication alone cannot substitute for robust operational security practices and proper governance structures.
More Reads:
Gold (XAU/USD) Market Analysis: Consolidation Amid Geopolitical Tensions and Rate Uncertainty
Bitcoin ETF Outflows Signal Contrarian Buy Opportunity, Says Santiment
If you’re reading this, you’re already ahead. Stay there, by joining the…
Discover more from Dipprofit
Subscribe to get the latest posts sent to your email.
