What to Know
- StablR’s EURR lost 23% of its value, falling from its $1.15 peg to $0.88 during the exploit
- USDR, the dollar stablecoin, dropped 30% to $0.70 as the attack unfolded on Sunday, May 24
- The attacker minted 8.35 million USDR and 4.5 million EURR after compromising a single private key in a 1-of-3 multisig account
- Around $2.8 million was ultimately extracted after thin DEX liquidity slashed the value of the minted tokens
A stablecoin depeg hit both of StablR’s flagship tokens on Sunday after a suspected private key compromise allowed an attacker to seize control of the issuer’s minting multisig account, mint billions in unbacked tokens, and walk away with roughly $2.8 million, exposing a governance failure that has nothing to do with smart contract code.
What Caused the StablR Stablecoin Depeg?
On Sunday, blockchain security firm Blockaid flagged an ongoing exploit targeting StablR, the regulated European stablecoin issuer. The suspected root cause was a private key compromise inside the minting multisig account, which operated on a weak 1-of-3 threshold. The attacker exploited that gap to take control of the entire minting process.
Once inside, the attacker added themselves as a signer, removed the other owners, and began minting at will. They created 8.35 million USDR and 4.5 million EURR tokens, tokens that had zero backing. The combined face value of those freshly minted tokens was around $10.4 million, but the attacker could only dump them on decentralized exchanges for 1,115 ETH, or roughly $2.8 million, because the trading pools simply did not have the depth to absorb the sell pressure. According to reporting that tracked the StablR private key minting multisig compromise, the forensic trail points squarely at the multisig configuration as the single point of failure.
This is not a smart contract bug, it’s a key management and governance failure.
How Far Did EURR and USDR Fall?
StablR’s euro stablecoin, EURR, carries a $14 million market capitalization. It is pegged to the euro and was trading around $1.15 in USD terms before the attack. By Sunday morning it had shed 23%, crashing to $0.88 according to CoinGecko data. That is a catastrophic depeg for a token marketed as a regulated, reserve-backed instrument.
The dollar stablecoin, USDR, fared even worse. With an $11 million market cap, it dropped 30% from its $1.00 peg to just $0.70. Both tokens are tracked on StablR EURR USDR depeg 2.8 million exploit, where real-time price data confirmed the depegging event as it unfolded. At the time of writing, StablR had posted nothing to its official X account about the incident.
StablR’s Background and the Tether Connection
StablR positions itself as one of the few regulated stablecoin issuers focused specifically on European markets. The company issues collateralized tokens pegged to the euro and the US dollar, with reserves held in segregated accounts at what it describes as top-tier financial institutions. It operates on both Ethereum and Solana, emphasizes proof-of-reserves transparency, and holds regulatory approvals it uses as a core selling point.
That regulated pedigree attracted a high-profile backer. The world’s largest stablecoin issuer, Tether, put money into StablR in December 2024, a deal framed as a push to accelerate euro-denominated stablecoin adoption across Europe. Details of that strategic partnership are documented at the Tether StablR investment December 2024 announcement. The timing makes Sunday’s exploit particularly bruising, less than six months after the Tether vote of confidence, a single weak multisig key undid it.
Why Key Management Failures Keep Hitting DeFi
The StablR incident did not happen in isolation. May 2026 has been a brutal month for crypto security, with more than a dozen major exploits recorded, according to DeFiLlama. The list includes THORChain, Verus Bridge, Echo Protocol, and Polymarket, and the StablR depeg now joins that group.
What ties many of them together is not code. Volo Vault, Wasabi Perps, Echo Bridge, and Polymarket were all hit by private key or admin key compromises over the past two months. The attack vector is consistent: an overly permissive access structure, a weak threshold, and one compromised owner. In StablR’s case, a 1-of-3 multisig, meaning any single one of three keyholders could authorize a mint, handed the attacker exactly what they needed.
The Map Protocol exploit on Wednesday, May 21 used a different method. A smart contract bug let an attacker mint a quadrillion MAPO tokens and sent the token price down 96%. But the underlying dynamic is similar: access structures that were not hardened against a determined attacker. The StablR case is arguably more damning because the fix was not technical, it was procedural. A 2-of-3 or 3-of-3 threshold would have required the attacker to compromise multiple parties simultaneously. That upgrade apparently was never made.
For stablecoin issuers specifically, the stakes run higher than for speculative DeFi protocols. Stablecoins carry an implicit promise of price stability. When that promise breaks under an exploit rather than a market move, it shakes the confidence of institutional users and retail holders alike, and raises hard questions about whether regulated status translates into operational security.
Frequently Asked Questions
What is a stablecoin depeg?
A stablecoin depeg occurs when a token designed to hold a fixed value, typically $1.00 or one euro, trades significantly above or below that peg. Depegs can stem from collateral failures, market panic, smart contract bugs, or, as in the StablR case, unauthorized minting through a compromised multisig key.
How did the attacker exploit StablR's minting system?
The attacker compromised one private key in StablR’s 1-of-3 minting multisig. That single key gave full control. They replaced the other signers, then minted 8.35 million USDR and 4.5 million EURR without any backing, before selling those tokens on decentralized exchanges for approximately $2.8 million in ETH.
Why did the attacker only net $2.8 million from $10.4 million in minted tokens?
Thin liquidity on the decentralized exchanges where the attacker dumped the tokens limited real proceeds. The minted tokens carried a face value of around $10.4 million, but available buy-side depth absorbed only 1,115 ETH worth of selling, capping actual proceeds at roughly $2.8 million.
Does Tether's investment in StablR create exposure from this exploit?
Tether invested in StablR as a strategic backer in December 2024, but the exploit targeted StablR’s own minting infrastructure. Tether’s core operations are separate. The investment is a reputational concern given Tether’s public endorsement, but no direct financial exposure flows through the exploit itself.
This article is for informational purposes only and does not constitute investment advice. Every investment and trading decision involves risk. Readers should conduct their own research before making any financial decisions.
private key compromise is the part that gets me. that means it wasnt a contract bug, the signer just got popped. did StablR run a multisig or was EURR sitting behind a single hot key?
USDR dropping 30 percent off a key leak is brutal
Seen this one before. Tether wobble in 2018, USDC at 88 cents during the SVB weekend in March 2023, now StablR. Same lesson every cycle: a stablecoin is only as solid as its weakest operational control. The 2.8M loss is small, but the EURR peg snapping on a Sunday tells me the desk had nothing on hand to defend it.