A hacker exploited the Resolv platform, extracting roughly $25 million and causing its USR stablecoin to lose its dollar peg.
The attacker used a flaw in the protocol to mint around 50 million unbacked USR after depositing just 100,000 USDC.
“Either the oracle was deceived, the validator was compromised offline, or there is simply no algorithm to confirm the amount,”
Researchers said.
Following the exploit, the attacker rapidly converted USR into other assets and sold across platforms, draining liquidity and accelerating the token’s collapse.
USR fell to as low as $0.44 as slippage increased and market depth deteriorated during the sell-off.
The incident raises concerns about smart contract validation mechanisms and oracle reliability in DeFi stablecoin systems.
Resolv Labs said it is investigating the breach and working to mitigate losses, while the exploit aligns with the average $25 million damage seen in crypto protocol hacks.