StablR Suffers $2.8 Million Exploit, EURR and USDR Lose Peg

On May 24, exploit detection platform Blockaid identified an active vulnerability in StablR’s blockchain infrastructure used for stablecoin issuance and operations. The attack targeted the smart contracts behind StablR Euro (EURR) and StablR USD (USDR). According to the company, the incident was caused by a compromised multisig key.

Blockaid analysts reported that the attackers gained access to one of the private keys used in the token minting multisig system, which was enough to take full control of the smart contracts. The attackers minted 8.35 million USDR and 4.5 million EURR, bringing the total face value of the unauthorized issuance to around $10.4 million.

According to Blockaid, the attackers used a cross-chain bridge on the Noble platform within the Cosmos ecosystem to fund the operation. The newly minted tokens were swapped through decentralized exchanges for 1,115 ETH, worth nearly $2.8 million. The large gap between the amount minted and the actual extracted value was attributed to low liquidity.

Following the exploit, both stablecoins lost their peg to underlying assets. As of May 25, 11:30 GMT+2, EURR was trading at $0.47, more than 55% below its nominal value, while USDR was trading at $0.97, around 3% below par.

Blockaid emphasized that the incident was not caused by a vulnerability in the smart contract code itself. According to analytics, the exploit became possible due to weaknesses in key management and insufficient multisig protection.

Several hours after the attack, the StablR team confirmed the incident and stated that it was working to contain the impact and minimize losses.

According to Global Ledger data, in 2025, in approximately 68% of attacks, funds began moving before the breach became public knowledge. More details on how AML teams can reduce response times and stay ahead of attackers are available in CP Media’s dedicated report.