StatlR Euro (EURR) and StatlR USD (USDR) lost their peg on Ethereum on May 24, 2024, after the project's minting contract was hacked, allowing hackers to withdraw approximately $2.8 million.
Blockchain security company Blockaid detected the attack and stated that it was caused by a leaked private key, rather than a vulnerability in StablR's smart contract.
How the attacker gained control of StablR
Multisig wallets used to Mint StatlR Token only require one of the three signatories to authorize a transaction. This means that if just one private key is leaked, a hacker could gain complete control of the contract.
The attacker added their own address as the new owner and removed the two remaining legitimate signatories. They then Mint 8.35 million USDR and 4.5 million EURR, bringing the total value at the peg to approximately 10.4 million USD.
Blockaid summarized this process in a post on X :
"This isn't a flaw in the smart contract – it's a failure in key management and operations."
Low liquidation on decentralized exchanges (DEXs ) has significantly limited the amount of money hackers can obtain.
Swapping $10.4 million worth of Token that were recently Mint into smaller liquidation pools only yielded about 1,115 ETH, equivalent to over $2.8 million.
EURR fell by approximately 20% on Ethereum liquidation pools, while USDR also lost its peg as selling pressure overwhelmed liquidation.
A common blind spot in management.
This incident is similar to previous stablecoin attacks, where unauthorized Mint caused stablecoins to quickly lose their peg.
The wave of attacks exploiting leaked private keys in DeFi continues, contributing to record numbers of scams and asset losses in crypto in recent years.
A similar Resolv stablecoin hack earlier in 2026 also occurred with an almost identical scenario, where a weakly secured private key led to the Mint of a large number of Token.
StablR holds an Electronic Money Institution (EMI) license issued by the Maltese financial regulator and currently operates under European Union regulation as part of the Markets in Crypto-Assets (MiCA) scheme.
StatlR also received strategic investment from Tether in late 2024. It remains unclear how this regulatory and financial relationship will affect the remediation plan.
