StablR Exploit Drains $2.8M as Stablecoins Depeg
Blockchain security firm Blockaid identified an ongoing exploit on StablR affecting its Euro and USD stablecoins. A compromised private key in the minting multisig account enabled the attacker to mint 8.35 million USDR and 4.5 million EURR tokens, causing significant depegging across the ecosystem.
FinCNews Editorial
View source
What Happened
Blockchain security firm Blockaid reported on May 24, 2026, that its exploit detection system identified an ongoing attack on StablR, with approximately $2.8 million extracted so far. The suspected cause is a private key compromise belonging to one owner in the minting multisignature account, which operated with a weak 1-of-3 threshold.
The attacker exploited the vulnerability by adding themselves to the multisig account and replacing the other owners. They then minted 8.35 million USDR (USD stablecoin) and 4.5 million EURR (Euro stablecoin) tokens worth approximately $10.4 million in total. The attacker subsequently swapped these minted tokens on decentralized exchanges, causing both the Euro and USD stablecoins to depeg from their intended values.
Why It Matters
This exploit represents a critical failure in StablR's security architecture and highlights the risks of inadequate multisig implementations in stablecoin protocols. The 1-of-3 threshold is particularly concerning as it requires only one authorized signer, creating a single point of failure for protocols managing tens of millions in assets.
The depeg event impacts all users holding USDR and EURR tokens, eroding confidence in the protocol's ability to maintain price stability. The incident adds to a growing list of hacks and exploits occurring throughout May 2026, suggesting increased vulnerability across DeFi infrastructure during this period.
Expert Perspective
Multisignature accounts require careful threshold design, yet many protocols continue implementing weak configurations that expose them to single-key compromises. This incident mirrors previous stablecoin failures where inadequate security governance enabled unauthorized minting and subsequent market disruption. The $10.4 million in minted tokens flooding decentralized exchanges simultaneously demonstrates how quickly large-scale exploits can destabilize price mechanisms once executed.
What to Watch
Monitor StablR's official communications for emergency measures to halt minting, freeze compromised accounts, or implement recovery mechanisms. Watch for developments regarding private key recovery procedures and whether multisig thresholds are upgraded to require 2-of-3 or higher approval requirements. Track USDR and EURR price recovery on major exchanges and observe whether liquidity providers continue supporting these trading pairs.
Disclaimer: This article is AI-assisted and for informational purposes only. Nothing published on FinCNews constitutes financial advice, investment recommendation or solicitation. Cryptocurrency markets are highly volatile. Always conduct your own research and consult a qualified financial advisor before making investment decisions. About our editorial standards →