StablR Breach Drains $2.8M as Euro Stablecoin Breaks Its Peg

StablR’s euro and US dollar stablecoins have depegged as an ongoing exploit targets the project’s minting multisignature account. Blockchain security firm Blockaid reports that its monitoring detected roughly $2.8 million extracted so far, with the attack traced to a compromised private key in a 1-of-3 minting threshold. The attacker added themselves, replaced the other owners, and minted 8.35 million USDR and 4.5 million EURR, triggering the depegging. The newly minted tokens were swapped on decentralized exchanges for about 1,115 ETH—roughly $2.8 million—due to thin liquidity. Blockaid characterized the incident as a governance and key-management failure rather than a flaw in a smart contract.

The disruption comes amid a troubling month for crypto and DeFi security, with DeFiLlama tallying more than a dozen major exploits so far in May. Notable incidents have included attacks on THORChain, the Verus Bridge, Echo Protocol, and Polymarket, underscoring the breadth of attack vectors facing the sector this year.

Key takeaways

• Attack traced to a compromised private key in StablR’s minting multisignature account, with a weak 1-of-3 threshold enabling the breach.
• EURR depegged to about $0.88 and USDR fell to about $0.70, reflecting the immediate impact of the minting attack on liquidity and confidence.
• Approximately $2.8 million has been extracted so far, with 8.35 million USDR and 4.5 million EURR minted and swapped for ETH due to liquidity constraints.
• Blockaid stresses that the incident is fundamentally a governance and key-management failure, not an obvious smart-contract bug.
• The broader DeFi landscape in May includes numerous high-profile exploits tied to private-key and governance weaknesses, reinforcing a pattern that investors and builders should monitor closely.

How the breach unfolded and what it means for StablR

StablR operates as a regulated, collateralized stablecoin issuer offering euro- and dollar-pegged tokens. The project emphasizes reserves held in segregated accounts at established institutions, along with proof-of-reserves and cross-chain availability on Ethereum and Solana. In December 2024, StablR also drew attention when Tether invested in the project to promote stablecoin adoption in Europe. The current incident, however, highlights a stark contrast between a stated governance framework and the practical realities of key-management in multisignature setups.

According to Blockaid, the perpetrator exploited a weak key-management arrangement within the minting multsig, then assumed control of the three-key setup by replacing the other owners. The attacker minted 8.35 million USDR and 4.5 million EURR, effectively depegging the two tokens from their $1 parity bands. The minted tokens were subsequently liquidated on decentralized exchanges for approximately 1,115 ETH, translating to around $2.8 million in proceeds given current liquidity conditions. Blockaid summarized the situation by stating that this is not a smart contract bug; it is a failure of key management and governance structures that should have prevented such a takeover.

StablR’s euro stablecoin, EURR, has a market capitalization near $14 million, while its US dollar token, USDR, sits around $11 million. In the present episode, CoinGecko-tracking data shows EURR slipping from parity toward the mid-$0.80s range, and USDR hovering around the $0.70 level as the incident unfolds. The depegging has raised questions about liquidity depth, reserve sufficiency, and the speed with which stablecoins can respond to coordinated governance- or key-management failures.

There is no sense that the underlying collateral model or reserve strategy has collapsed; rather, the attack underscores the practical risk of relying on multisignature governance without robust key-management controls, hardware security modules, and regular key-rotation and access reviews. StablR notes that reserves are held in segregated accounts at top-tier institutions and that it aims to maintain transparency via proof-of-reserves and cross-chain availability. The incident has also prompted scrutiny of the project’s governance processes and incident-response posture as it works to restore confidence among users and counterparties.

For investors and users relying on stablecoins, the episode serves as a reminder of the hidden frictions in governance-heavy models. While the project’s backing by a major stablecoin issuer—Tether—adds a layer of credibility, the immediate depeg demonstrates how quickly trust can erode when safeguarding critical private keys and governance rights falter. For participants, the questions are: what changes will StablR implement to harden its multisignature framework, how quickly will reserves be audited and disclosed, and what protections will be offered to users hurt by the depeg?

Broader security landscape: private-key exploits persist in DeFi

The StablR incident sits within a wider tapestry of security breaches this year that center on compromised keys and governance weaknesses. A sequence of recent exploits—Volo Vault, Wasabi Perps, Echo Protocol, and Polymarket—have all involved some manipulation of admin or private keys. Analysts warn that as DeFi ramps up, so do the attack surfaces tied to governance and access management. In parallel, Map Protocol—an Atlantis-style cross-chain map project—was breached when a smart contract vulnerability allowed an attacker to mint a quadrillion MAPO tokens, illustrating a spectrum of technical and governance flaws across ecosystems.

These events collectively highlight a recurring tension in DeFi: rapid innovation and high open access can outpace the development of secure, scalable governance and key-management practices. Industry observers argue that improving multi-party computation, hardware-backed key storage, formalized incident-response playbooks, and enhanced rotation and revocation protocols will be essential as protocols grow larger and more interconnected.

Notable coverage and updates from the security and analytics community, including PeckShield’s alerts and DeFi-focused trackers, continue to document the evolving risk environment. As the market digests ongoing fallout, users will be watching for tangible remedies from projects like StablR—clarified governance changes, enhanced key-management controls, and transparent post-incident disclosures that can help stabilize confidence and liquidity in the face of depeg events.

In this climate, the market remains vigilant for how quickly teams can respond to breaches, how robust their reserve disclosures remain, and what steps are taken to prevent recurrence. With May’s incidents accumulating, the sector could see accelerated adoption of best practices around governance hygiene, key security, and incident preparedness—outcomes that could ultimately contribute to a more resilient stablecoin ecosystem.

There were no updates on the StablR X feed at the time of writing, leaving stakeholders awaiting formal post-incident disclosures and the path forward for recovery. For those tracking the evolving DeFi security landscape, the StablR episode is a concrete reminder that governance design and key-management protocols are no less critical than code quality when it comes to protecting user funds.

As the story develops, readers should watch for StablR’s official incident report, any changes to its multisignature configuration, and forthcoming audits or proofs of reserves that could help restore trust. The broader question remains: will the industry tighten the screws on key management fast enough to prevent similar breaches from repeating across the expanding DeFi frontier?