StablR Attack — Recap of the $EURR/$USDR Anchoring Issue
In conclusion: this appears to be a minting authority/key governance incident , not a normal price fluctuation. Security reports retrieved indicate that the attackers likely gained control of a single stolen private key used for StablR minting multisignature, minting an additional 8.35M $USDR + 4.5M $EURR , and then exchanged it for approximately 1,115 $ETH (about $2.8M ) on a DEX. Therefore, both $EURR and $USDR have decoupled from their euro peg, and the latest $EURR price is still around $0.815 , significantly deviating from the euro peg.
Event Overview
The core judgment is that this is not a matter of a "temporary market crash," but rather a loss of control over the minting authority of the stablecoin issuer. Blockaid disclosed that StablR uses a 1-of-3 threshold for minting multisignature; once a single owner's private key is compromised, an attacker can replace the owner and control the minting authority. (crypto.news )
Key data for the event. Sources include disclosures from security companies and media reports; the market snapshot is the currently searchable price series.
| project | Data retrieved | Source Time | Interpretation |
|---|---|---|---|
| Suspected cause | Minting multisignature owner's private key leaked | 2026-05-24 08:18 UTC | Access control failure |
| Multiple signature threshold | 1-of-3 | 2026-05-24 08:18 UTC | High risk of single point of failure |
| Newly minted $USDR | 8.35M | 2026-05-24 08:18 UTC | Abnormal supply shock |
| Newly minted EURR | 4.5M | 2026-05-24 08:18 UTC | Abnormal supply shock |
| Extracting profits | 1,115 $ETH / ~$2.8M | 2026-05-24 08:18 UTC | Limited by DEX liquidity |
Why is there such a large discrepancy between the face value and the actual return? Reports indicate that the attackers minted approximately $10.4M of tokens with a face value , but due to the low liquidity of the DEX, only about $2.8M were ultimately redeemed. This shows that the attack did not "cash out all the face value without loss," but it was enough to undermine the secondary market's confidence in the integrity of redemptions and reserves. (crypto.news )
Attack path
The attack path has been disclosed. The attacker apparently first obtained the private key of one of the owners in the StablR minting multisignature, then added themselves as the owner, replaced the other two legitimate owners, and finally minted 8.35 million $USDR and 4.5 million $EURR . Blockaid characterized the incident as "not a smart contract vulnerability, but a failure in key management and governance." (crypto.news )
The risk lies in the threshold design. While 1-of-3 multisignature is highly convenient in operation, it has a very low security margin for systemic permissions such as minting authority: if even one owner's private key is compromised, an attacker can gain complete control. This structure is particularly dangerous for stablecoins because their credibility comes from "controllable issuance + redeemable reserves"; once unauthorized minting occurs, the market will immediately price them at a discount.
On-chain fund flows. ZachXBT disclosed that the StablR-related $EURR/$USDR contract was suspected of being attacked, with potential losses exceeding $3 million . It also mentioned that funds flowed through Noble CCTP and involved 7 addresses. This part was disclosed by a third-party on-chain detective and differs slightly from Blockaid's disclosure of ~$2.8 million already withdrawn ; it should be understood as an "estimated loss still being updated." ChainCatcher
Anchorage range
Reporting Stance. Following the incident, media outlets cited market data stating that the euro fell from its pegged value of approximately $1.15 to around $0.88 , a drop of about 23% ; the USDR fell from around $1.00 to around $0.70 , a drop of about 30% . (TradingView / Cointelegraph)
Currently searchable market data. $EURR The latest price in the current price sequence is $0.815 (snapshot 2026-05-25 04:10 UTC ), with a 24-hour range of approximately $0.815–$0.932 , indicating that $EURR has not yet resumed its anchoring. Another project snapshot shows that $EURR has a 24-hour trading volume of approximately $2.67M and a market capitalization of approximately $14.0M . Liquidity and market capitalization are not large, and short-term prices are easily dominated by redemption expectations, freeze/migration announcements, and panic selling.
| assets | Anchoring target | Prices/Decreases Found | Data properties |
|---|---|---|---|
| $EURR | The euro is the pegged exchange rate, reportedly equivalent to approximately $1.15. | Reports indicate prices as low as approximately $0.88 / -23%. | Searched: Media reports |
| $EURR | Euro anchor | Latest sequence $0.815 | Searched: Market data series |
| $USDR | $1.00 | Reports indicate prices as low as approximately $0.70 / -30%. | Searched: Media reports |
| $USDR | $1.00 | The current independent price is not adopted. | Data gap: Risk of identification conflict with the same ticker |
Data gap warning. I haven't used the "$USDR latest price sequence" as a reference for the current price of StablR $USDR because tickers with the same name might be confused with other assets $USDR; the more reliable one at present is the $USDR de-anchored range mentioned in the incident reports. The current sequence for $EURR can be used as a reference because the project data is consistent with StablR's identification.
Risk Watch
Holder Risk. For $EURR/$USDR holders, the key issue is not just the secondary market price, but whether StablR can clearly define: whether tokens minted through attacks can be frozen, whether legitimate minting can be distinguished from attack minting, whether there will be contract migration, and whether 1:1 redemption will be maintained. If the official team cannot quickly provide an executable solution, the discount may persist.
Protocol integration risks. If $EURR or $USDR is integrated into a DeFi pool, payment channel, or lending protocol, the risk spills over to LPs, routers, and merchants accepting payments with that stablecoin. Because this attack inherently involves issuance authority, any integration relying on "trusted supply" needs to be reassessed regarding whitelists, price oracles, and redemption assumptions.
Reserves and redemptions are the dividing line. Reports indicate that StablR claims to issue a regulated, collateralized stablecoin and emphasizes reserve segregation, proof-of-reserves, and Ethereum and Solana availability; however, current market pricing suggests traders are more concerned about whether the supply minted in an attack will affect redeemability. (TradingView / Cointelegraph)
Inference: If StablR can quickly revoke the compromised permissions, freeze the tokens associated with the attacking address, publish a list of affected supply, and promise redemption to legitimate holders, there is a possibility that $EURR/$USDR could be restored to its peg. If it cannot distinguish between attack-minted tokens and normal circulation, the market will continue to discount based on "redemption uncertainty." This is an inference based on the stablecoin incident handling path, not an officially confirmed result.
in conclusion
The core issue of this StablR incident is a failure to secure minting permissions : the attackers did not merely steal liquidity, but seemingly briefly seized control of the issuance platform and minted unauthorized $EURR/$USDR. Data shows an attack face value of approximately $10.4M , with approximately $2.8M actually redeemed, resulting in a 20%+/30% decoupling of $EURR/$USDR. Currently, the most important thing is not to watch for a short-term rebound, but to wait for official confirmation of permission restoration, attack supply handling, and a redemption plan.
Bottom line. For holders: Before StablR releases a clear remedy and redemption plan, $EURR/$USDR should be treated as a "high-event-risk stablecoin"; For DeFi integrators: They should prioritize suspending new exposures, reviewing oracle and pool risks, and await on-chain confirmation from the official/security team.