StablR stablecoin exploit tanks EURR and USDR to $0.88 and $0.70

The StablR stablecoin exploit sent the issuer’s flagship tokens off their pegs and quickly rattled confidence in a project built around regulated, collateralized stablecoins. EURR fell to about $0.88, while USDR dropped to roughly $0.70 after a security incident that, according to blockchain security firm Blockaid, began with an alleged compromise of a private key tied to a minting multisig account.

What stands out is not just the theft. It is how fast trust broke. In stablecoins, price usually signals reliability. In this case, the market moved the other way, treating the breach as a direct test of StablR’s controls and its ability to defend issuance.

That reaction matters because StablR has positioned EURR and USDR as regulated and collateralized assets with reserves held in segregated accounts. However, the selloff showed a familiar crypto truth: even reserve-backed tokens can come under pressure when governance and key security are questioned.

How the StablR stablecoin exploit happened

Blockaid points to a private-key compromise

Blockaid said an attacker may have compromised a private key in a minting multisig account on Ethereum. That access appears to have given the attacker entry into one of the most sensitive parts of the issuer’s infrastructure: the authority to control token creation and administration.

The StablR stablecoin exploit is being framed by Blockaid as an access-control failure rather than a flaw in code. That distinction matters because it shifts attention away from a broken smart contract and toward the human and operational layer behind the system.

Unauthorized minting and admin replacement

After gaining that access, the attacker allegedly replaced administrators and minted 8.35 million USDR and 4.5 million EURR. Those newly created tokens then became the engine of the depeg.

In practical terms, this is why users and traders responded immediately. Unauthorized minting hits the core promise of a stablecoin issuer: that supply is controlled, redeemable, and matched to a credible backing model. Once that assumption weakens, markets tend to punish the token first and wait for explanations later.

The market impact of the StablR stablecoin exploit

Token swaps and reported profit

Blockaid said the attacker swapped tokens valued at approximately $10.4 million for about 1,115 ETH on decentralized exchanges. The attacker reportedly made about $2.8 million in profit.

Those numbers help explain why the damage spread so quickly. A forced conversion of freshly minted tokens into ETH can drain already limited liquidity and magnify price dislocations. In a thinner market, even a smaller exploit can create an outsized move.

This is one of the clearest reasons the incident matters for the broader stablecoin sector. A token can be collateralized on paper, but if liquidity is shallow and governance controls fail, the market may still treat it as fragile. That is especially relevant for newer issuers trying to win trust in a field dominated by larger, more battle-tested names.

EURR depeg and USDR depeg deepen the damage

The price damage was immediate. EURR fell to about $0.88, while USDR sank to around $0.70.

That put both tokens firmly in depeg territory and showed how quickly confidence can evaporate after a multisig key compromise. For traders, the EURR depeg and USDR depeg were not just isolated price moves. They were a live signal that the market was reassessing operational risk at the issuer level.

PeckShield also flagged the EURR dislocation, adding to the visibility around the event as the tokens traded away from parity.

What Blockaid says went wrong

Blockaid said the incident was a governance and key-management failure, not a smart contract bug.

That distinction carries weight well beyond StablR. In crypto, smart contract exploits often dominate headlines, but private-key compromise and admin-control failures can be just as damaging. A multisig key compromise can bypass the assumptions users make about safety, especially when the weak point sits at the issuer layer rather than inside a public contract.

It also sharpens the debate around what “secure” means for stablecoins. Strong reserves and regulatory positioning may help establish credibility, but they do not replace strict operational security. If key management breaks down, the stability promise can unravel in hours.

What StablR says about its model

Regulated and collateralized reserves under pressure

StablR says its stablecoins are regulated and collateralized, with reserves in segregated accounts. The tokens are available on Ethereum and Solana, and the project has drawn notable backing, including an investment from Tether in December 2024.

That backdrop makes the incident more than a niche protocol story. It lands at a time when stablecoins are moving closer to mainstream financial use, and it raises a harder question for the market: how much weight should investors place on reserve structure if governance controls can still be compromised?

The answer is likely to shape how smaller issuers are judged from here. In a month already marked by a broader wave of DeFi exploits, the StablR stablecoin exploit adds another reminder that stability depends on more than collateral. It also depends on who controls the keys, how authority is divided, and whether the market believes those protections will hold under pressure.