Home
News
Details

StablR Stablecoins EURR and USDR Depeg After Minting Key Exploit

iconThe Defiant
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
AI summary iconSummary

expand icon
StablR’s EURR and USDR depegged by over 20% following a DeFi exploit that drained its minting contract. A compromised 1-of-3 multisig key triggered the security breach, according to Blockaid. Losses are estimated between $2.8 million and $10 million. StablR confirmed the incident but has not yet revealed a recovery plan or final figures.

StablR, a European stablecoin issuer backed by Tether, suffered an exploit on Saturday that drained funds from its minting contract and sent both its euro and dollar-pegged tokens sharply below their pegs.

Security firm Blockaid, which first flagged the attack on-chain, said roughly $2.8 million had been extracted. Marcin Kazmierczak, co-founder of RedStone Oracles, and on-chain monitoring account PharosWatch put the figure closer to $10 million. The disparity could not immediately be reconciled; the situation was still developing as of the time of writing. Both EURR, pegged to the euro, and USDR, pegged to the U.S. dollar, depegged by more than 20%, according to multiple observers.

StablR had positioned itself as a fully compliant, 100%-collateralized stablecoin issuer, one of a growing class of regulated euro stablecoin projects targeting European markets ahead of the EU's Markets in Crypto-Assets (MiCA) framework coming into full effect.

StablR confirmed the exploit in a post on X on Saturday, saying it had "identified an exploit" and was "actively working to contain it and minimize impact." The company said it would share "verified details and next steps as soon as possible" but had not provided further on-chain specifics by the time of publication.

Key Compromised

Blockaid's automated detection system identified the attack and issued an alert naming the two token contract addresses on Ethereum. On-chain analysts attributed the breach to a compromised key on StablR's minting multisig, a security setup that required only one of three authorized signers to approve minting transactions. Kazmierczak described it as "another key compromise attack, this time a 1-of-3 minting multisig."

PharosWatch noted that funds were withdrawn via CCTP — Circle's Cross-Chain Transfer Protocol — on Noble, a Cosmos-based chain, and said on-chain investigator ZachXBT had confirmed the attack.

Tether, the issuer of the world's largest stablecoin USDT, made a strategic investment in StablR in 2024.

The StablR exploit is the latest in a series of weekend security incidents that have hit crypto protocols. Kazmierczak said, "Seems like no weekend this year without a hack."

Users holding EURR or USDR were advised to proceed with caution. StablR has yet to announce a recovery plan or provide an updated assessment of total losses.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.