StablR EURR and USDR depeg after $2.8M key exploit
A compromised 1-of-3 minting key let an attacker mint 8.35M USDR and 4.5M EURR, extracting about $2.8M and causing both stablecoins to lose their pegs.
Blockchain security firm Blockaid reported on Sunday that StablR’s euro and dollar stablecoins depegged after an attacker used a compromised 1-of-3 multisignature minting key to mint roughly 8.35 million USDR and 4.5 million EURR. Blockaid’s detection system flagged abnormal activity on StablR’s issuer account and identified about $2.8 million extracted so far.
Blockaid said the minting multisig used a weak 1-of-3 threshold. An attacker who compromised a single key was able to add themselves, replace other owners on the account and mint new tokens. The attacker then swapped the freshly minted tokens on decentralized exchanges, receiving roughly 1,115 ETH, about $2.8 million, because liquidity in the pools was limited.
The sudden increase in supply pushed both tokens off their pegs. EURR, with a market capitalization near $14 million, fell about 23% to trade near €0.88. USDR, with about $11 million in market value, dropped roughly 30% to trade near $0.70 during the incident.
Blockaid wrote that the event was “not a smart contract bug — it’s a key management and governance failure,” pointing to the low multisig threshold and weak owner protections as the immediate cause.
StablR issues regulated, collateralized stablecoins backed by reserves held in segregated accounts at financial institutions. The tokens are available on Ethereum and Solana, and the project publishes proof-of-reserves disclosures. Tether invested in StablR in December 2024.
Blockaid estimated the attacker minted tokens worth about $10.4 million but was able to extract far less value because decentralized exchange pools lacked depth. The exploit remained active while investigators and on-chain trackers monitored flows. StablR’s official X account showed no substantive update at the time of Blockaid’s alert.
Compromised private or admin keys have been a common route for recent attacks. More than a dozen major exploits have been reported in May, with recent incidents involving Volo Vault, Wasabi Perps, Echo Bridge and Polymarket. Recovery of stolen funds typically depends on cooperation from centralized trading platforms and on-chain forensic work.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.
Articles by this author
