StablR halts USDR and EURR after attacker mints $13.5M of unbacked tokens
European stablecoin issuer StablR has suspended minting, redemptions and trading for its USDR and EURR tokens after a cyberattack left the coins under‑collateralized, the Malta‑based firm said.
What happened
- Onchain investigator ZachXBT publicly flagged suspicious activity over the weekend, prompting StablR to probe “irregularities” detected by internal alerts.
- The company froze token operations and asked exchanges to stop trading, deposits and withdrawals while it investigates. External cybersecurity firms and law enforcement have been engaged.
How the exploit worked (allegations from security researchers)
- Blockchain security firm GoPlus Security says the breach exploited a weakness in StablR’s Ethereum multisignature wallet. The minting wallet was reportedly configured with a 1‑of‑3 multisig threshold, meaning any single key could approve transactions.
- Attackers are said to have compromised one key, added themselves as an administrator, removed the legitimate signers and minted approximately 8.35 million USDR and 4.5 million EURR — roughly $13.5 million in unbacked tokens at peg.
- Because liquidity on decentralized exchanges was thin, the attackers were able to offload a portion of the newly minted supply, reportedly netting about $2.8 million.
Impact on token values and backing
- StablR acknowledged that circulating USDR and EURR are “currently not fully backed at the 1:1 ratio” required under the EU’s Markets in Crypto‑Assets (MiCA) rules.
- According to CoinGecko, USDR’s market cap is about $20 million and EURR’s about $10 million. The tokens briefly fell as much as 50% off peg; USDR has recovered to roughly $0.994, while EURR trades near $0.548 — well below the euro’s current value (~$1.16).
Regulatory and company response
- StablR said it will notify the Malta Financial Services Authority under the EU’s Digital Operational Resilience Act (DORA) and MiCA reporting obligations.
- CEO Gijs op de Weegh said the company is acting “with full transparency” as the investigation continues.
What to watch next
- Ongoing forensic work by external cybersecurity firms and law enforcement may reveal further details about the attack vector and whether additional funds can be recovered.
- Exchanges and counterparties are likely to keep withdrawals and trading suspended until StablR demonstrates restoration of backing or other remediation steps.
We’ll update as more official findings and responses from the firm, security researchers and regulators become available.
Read more AI-generated news on: undefined/news
