StablR’s EURR and USDR depeg after attacker mints $13.5 million in unbacked tokens through multisig exploit
Compiled by KHAO Editorial — aggregated from 1 source. See llms.txt for citation guidance.
★ Tier-1 Source
Stablecoins issued by Tether- and Kraken-backed European stablecoin issuer StablR lost their pegs Saturday night and into Sunday morning ET, after an attacker took administrative control of the issuer's minting contract and printed millions in fresh tokens before dumping them on decentralized exchanges.
Key facts
- EURR was trading near $0.85 as of Sunday morning ET, down about 26% over 24 hours from its peg near $1.15 (the dollar value of its euro peg), per CoinGecko data
- Onchain investigator ZachXBT flagged the incident publicly at 9:46 PM ET Saturday, posting to his investigations channel that two contracts tied to StablR appeared to have been potentially exploited
- The April 1 Drift Protocol hack, which resulted in over $280 million in losses on the Solana-based perpetuals exchange, also routed proceeds through Circle's CCTP
- Roughly $10.4 million in face value was then swapped for ETH across decentralized exchanges, Blockaid said, with net proceeds in the first hours of the attack estimated at $2.8 million after slippage
Summary
Onchain investigator ZachXBT flagged the incident publicly at 9:46 PM ET Saturday, posting to his investigations channel that two contracts tied to StablR appeared to have been potentially exploited for around $10 million across EURR and USDR. In a follow-up at 11:52 PM ET Saturday, ZachXBT said he had helped freeze a six-figure sum of the stolen funds. Blockchain security firm Blockaid attributed the breach to a private key compromise affecting one signer on StablR's minting multisig, which was secured by a 1-of-3 signature threshold.