StablR Security Breach: $2.8M Lost After Multisig Key Compromise

Key Takeaways

• Security firm Blockaid identified an active exploit targeting StablR, resulting in approximately $2.8 million in losses
• An attacker exploited a vulnerable 1-of-3 multisig setup by compromising a single private key to mint 8.35M USDR and 4.5M EURR
• EURR lost its peg, plummeting 23% from $1.15 to $0.88, while USDR fell 30% to $0.70
• Despite minting tokens valued at $10.4 million, limited liquidity on decentralized exchanges netted the hacker only 1,115 ETH
• Over a dozen significant DeFi security incidents have occurred in May 2025, affecting platforms like THORChain, Verus Bridge, Echo Protocol, and Polymarket

StablR, a regulated stablecoin issuer, fell victim to a major security breach on Sunday, with hackers draining approximately $2.8 million from the platform. The exploit was first identified by blockchain security company Blockaid using its real-time threat detection system.

The root cause appears to be a compromised private key within StablR’s minting multisignature wallet. The wallet’s configuration featured an inadequate 1-of-3 threshold setup, requiring just a single key to authorize transactions.

Leveraging this vulnerability, the hacker added their own address as an authorized owner while simultaneously removing legitimate owners. This access allowed them to illegally mint 8.35 million USDR and 4.5 million EURR tokens.

Blockaid didn’t mince words when describing the incident. “This is not a smart contract bug — it’s a key management and governance failure,” the security firm stated.

Dramatic Depeg Events Hit Both Stablecoins

The unauthorized token creation triggered severe depegging across both of StablR’s stablecoin offerings. EURR, the platform’s euro-denominated stablecoin with a $14 million market capitalization, experienced a dramatic 23% drop from its $1.15 peg down to $0.88.

Meanwhile, USDR, StablR’s dollar-pegged token boasting an $11 million market cap, crashed 30% to $0.70. As of press time, neither stablecoin had recovered its intended peg.

The attacker proceeded to liquidate the freshly minted tokens through decentralized exchange platforms. However, shallow liquidity pools significantly impacted the actual value extracted—the tokens, nominally worth approximately $10.4 million, converted to merely 1,115 ETH, equivalent to roughly $2.8 million.

Blockchain investigator ZachXBT estimated the total exploit amount at around $10 million. The attack remained active when initial reports surfaced Sunday morning.

As of this writing, StablR has not released any official statement or update via its X account.

May 2025: A Challenging Month for DeFi Security

May has proven particularly troublesome for cryptocurrency security. Data from DeFiLlama shows over a dozen significant exploits have occurred throughout the month.

Additional platforms compromised in May include THORChain, Verus Bridge, Echo Protocol, and Polymarket. A common thread among many incidents involves compromised private or administrative keys rather than vulnerabilities in smart contract code.

Volo Vault, Wasabi Perps, Echo Bridge, and Polymarket have all experienced comparable key-based security breaches within the last sixty days.

On May 21, Map Protocol, a Bitcoin cross-chain bridge solution, suffered its own exploit through an actual smart contract vulnerability. In that case, the attacker managed to mint one quadrillion MAPO tokens, triggering a catastrophic 96% price collapse.

StablR specializes in issuing regulated stablecoins with reserves maintained in segregated accounts at established financial institutions. Notably, Tether, the world’s dominant stablecoin provider, made an investment in StablR during December 2024.

At publication time, StablR has yet to release an official response regarding the security breach.