StablR Stablecoins Exploited, $10M Lost

[fullfitlarry]

https://x.com/coinbureau/status/2058416826120589380

As what we say now, another day, another hack,

I don't know what to say here, this is another stable coin though, so we all know that there could be some stable coins that are more solid as compare to the exploited stable coins.

But still there, it's no longer safe and those people behind this project still haven't learn their lessons to hardened their security.


Anyone has used this stable coins before or are into it prior to the hack?
What can you say about the hack though, are you guys affected?

[sergiorus]

Is there more info on how it happened? Which tech was flawed or who is at fault?

They mentioned CCTP for some weird reason? Why? What does the fact that the attacker's wallet was funded via it have to do with anything? Seems like a clickbait for engagement because no names involved in it would catch anyone's attention.

[coinrifft]

Is there more info on how it happened? Which tech was flawed or who is at fault?

They mentioned CCTP for some weird reason? Why? What does the fact that the attacker's wallet was funded via it have to do with anything? Seems like a clickbait for engagement because no names involved in it would catch anyone's attention.

I don't know if you can call it a clickbait though as upon checking, several crypto related news magazines and another investigator has reported it already. So this could be true at all and they all wanted to report this news.

As to what happened, this is just initial investigations and maybe in the next couple of days we might see the post-mortem on how the attacker drain and exploit this stable coin. Although I'm not familiar with it, just the first time that I have heard StablR.

[sergiorus]

Is there more info on how it happened? Which tech was flawed or who is at fault?

They mentioned CCTP for some weird reason? Why? What does the fact that the attacker's wallet was funded via it have to do with anything? Seems like a clickbait for engagement because no names involved in it would catch anyone's attention.

I don't know if you can call it a clickbait though as upon checking, several crypto related news magazines and another investigator has reported it already. So this could be true at all and they all wanted to report this news.

As to what happened, this is just initial investigations and maybe in the next couple of days we might see the post-mortem on how the attacker drain and exploit this stable coin. Although I'm not familiar with it, just the first time that I have heard StablR.

I understand that it indeed has happened but the thing is, it happened with a product barely anyone uses and the amount lost is not big enough to make anyone interested in this news.

However, a crypto enthusiast could be interested in what exactly caused the loss as it may be directly affecting their investment as we have recently seen with several hacks where the Layerzero tech was at fault.

Here they mentioned CCTP (Circle's transferring protocol), one of the biggest names in the game but only because ''the attacker's wallet was funded by it'' so I suppose CCTP wasn't really involved.

What most likely has happened is that another ghost protocol failed because the devs screwed up and didn't even keep an eye on it and the media tabloids are trying to make the story look more interesting than it is.

[MArsland]

If I'm not mistaken, 2026 is the year when exploitation activities are most massive than previous years. A stern warning to any crypto ecosystems that are currently safe might need to take a look. USDR has lost its resilience and now they are clearly on the verge of bankruptcy, huge amounts have been drained in a short period of time.
 As I write the price is now $0.6.

[asriloni]

The multi sig wallet only needed one of three signature to activate the mint feature. So we can predict its the team behind this project that already had bad intention. I guess this most probably an insider who kill his own project.

If the team behind this project is serious enough in building the securit of their multi sign. It's gonna need at least 4 - 5 signature approval with more than 10 signature in total to ensure the money is always safe.

This is just another insider job.

[jossiel]

Anyone has used this stable coins before or are into it prior to the hack?
What can you say about the hack though, are you guys affected?

I haven't used this stable coin and I am not affected with this. When it's with these stable coins, it's easier to pick the ones that are known and with names already.

Depending on the usage but if we are using stable coins, it's better to stick to the common ones like USDT, USDC and DAI.

They're almost in every network if someone wants to save some fees for transfer. Depegging is what normally happens when these exploits or hacks happen. I've seen it with the few ones before.

[shinratensei_]

Its always minting exploit, the developers aren't smart enough to keep their private key secure and 1 out of 3 multisign is insanity, I see this as the developers don't care enough about security.
Remember that 1-of-3 multisig is actually weaker than your single key wallet .

As much as I love decentralization, I honestly think governments should require stablecoin issuer to use enterprise grade stablecoin stack services with high grade security.
It's not like stablecoin are decentralized anyway, just a web2 thing getting represented in web3 spaces. All these hacks have destroyed the reputation of web3 and make people question about the real security.

[hugeblack]

This is just another insider job.

Or perhaps someone connected to one of these "free Wi-Fi" ( "Evil Twin" attacks).

To be honest, the error lies with the users. The protocol has limited use, and it's likely the developers lack the necessary expertise to manage it. Therefore, such a loss of funds is possible. If 10 million caused the loss of the $1 peg, it indicates that the reported liquidity volumes are inaccurate.