StablR USDR EURR hack freezes minting and redemption after unbacked supply

A StablR USDR EURR hack has pushed one of Europe’s stablecoin issuers into emergency mode, freezing minting and redemption for both tokens after attackers minted millions of dollars in unbacked supply. The breach did more than shake prices. It also exposed a compliance problem, leaving USDR and EURR under-collateralized and short of the 1:1 backing required under Markets in Crypto-Assets, or MiCA, rules.

The disruption quickly spread from security to market structure. USDR and EURR briefly lost as much as 50% of their peg, a sharp break for tokens designed to trade as stable assets. StablR also moved to freeze token operations and asked exchanges to halt trading, deposits and withdrawals while it investigates.

What makes this episode stand out is that it hits both trust pillars of a stablecoin at once: custody and backing. A cyberattack created the imbalance, but the aftermath now puts StablR in the uncomfortable position of managing both a technical breach and a regulatory fallout.

StablR freezes USDR and EURR after cyberattack

StablR suspended minting and redemption services for USDR and EURR after the attack, according to the company’s statement. The issuer said the circulating supply of both tokens is currently not fully backed at the 1:1 ratio required by MiCA.

That is the central issue now.

Stablecoins are meant to maintain confidence through redeemability and reserve backing. Once that link breaks, even temporarily, the damage spreads beyond price. In this case, the StablR USDR EURR hack turned a security incident into a compliance event, with direct implications for users, trading venues and regulators watching Europe’s post-MiCA market.

USDR has a market capitalization of about $20 million, while EURR stands at about $10 million, based on CoinGecko data cited in the report.

How the exploit worked

The breach was linked to a weakness in a 1-of-3 multisignature wallet, according to GoPlus. In practical terms, that setup meant any one of three authorized owners could approve transactions alone.

Researchers said the attackers compromised a single key, added themselves as an administrator and removed the legitimate signers. From there, they were able to mint roughly 8.35 million USDR and 4.5 million EURR.

At peg value, that amounted to about $13.5 million in unbacked tokens.

The attackers did not walk away with the full face value. Because liquidity on decentralized exchanges was thin, they reportedly netted roughly $2.8 million after offloading the newly minted supply.

That gap matters. It shows how even a smaller cash-out can leave a much larger hole in the backing of a stablecoin. For holders, the real damage is not just what the attackers made, but what the unauthorized minting did to reserves, redemption confidence and market pricing.

Peg damage and market impact

The market reaction was immediate. USDR and EURR briefly lost up to 50% of their peg after the exploit surfaced.

Prices later showed a split recovery. USDR traded at $0.994, much closer to its intended level, while EURR remained significantly weaker at $0.548.

That uneven rebound says a lot about market confidence. Traders may be treating USDR as more salvageable in the short term, while EURR appears to be facing deeper skepticism. The size of the market caps, liquidity conditions and the shock from unbacked issuance all likely shaped that response based on the figures available.

For users, this is why stablecoin breaches matter differently from typical token hacks. A stablecoin is supposed to function as cash-like infrastructure. When it breaks, it can disrupt payments, collateral assumptions and exchange activity all at once.

MiCA and regulator fallout from the StablR USDR EURR hack

StablR said USDR and EURR are not fully backed at the 1:1 ratio required under MiCA, making this more than a trading story. It is also a test of how Europe’s stablecoin framework responds when a live issuer falls out of compliance after an attack.

The company said it plans to notify Malta’s financial regulator, the Malta Financial Services Authority, under MiCA reporting rules and the EU’s Digital Operational Resilience Act. External cybersecurity firms and law enforcement agencies are also involved.

This is one of the clearest reasons the incident matters beyond StablR itself. MiCA was designed to bring tighter standards and more credibility to the European crypto market, especially around reserve-backed tokens. A breach that leads directly to under-collateralization puts those rules into the spotlight in a very real way.

It also raises a tougher industry question: compliance on paper is not enough if wallet controls fail in practice. In this case, the reported 1-of-3 multisig design became the weak point that let the attackers mint unbacked supply in the first place.

Why the MiCA stablecoin breach is drawing attention

Several elements have made this incident especially notable. First, attackers allegedly minted about $13.5 million in unbacked USDR and EURR, but still only netted roughly $2.8 million after selling into thin decentralized exchange liquidity. Second, the hack left both tokens under-collateralized, triggering a direct MiCA backing issue rather than only a short-term market scare.

The exploit was also publicly flagged by onchain investigator ZachXBT, adding visibility just as the tokens came under pressure. Meanwhile, Chief Executive Officer Gijs op de Weegh said the company is acting “with full transparency” as the investigation continues.

For the broader market, the StablR USDR EURR hack is a reminder that stablecoin resilience depends on more than branding, market cap or regulatory alignment. It depends on whether the systems controlling issuance can withstand a real attack. In Europe’s regulated crypto market, that may be the standard that matters most now.