符合 MiCA 規範的歐元穩定幣在 1-of-3 Multisig 漏洞導致數百萬美元遭竊後，與美元脫鉤至 $0.85

📄完整原文· 由 trafilatura 自動擷取5083 字

Malta-based stablecoin issuer StablR suffered a security incident on Sunday, after an attacker exploited a weak multisig configuration to mint millions of unbacked EURR and USDR tokens and dump them on decentralized exchange ( DEX) platforms. MiCA Compliant Euro Stablecoin Depegs to $0.85 After 1-of-3 Multisig Exploit Drains Millions Key Takeaways - StablR’s EURR dropped to $0.85, and USDR fell between $0.40 to $0.64 on May 24 after attackers minted unbacked tokens. - A 1-of-3 multisig threshold reportedly let attackers hijack minting controls, draining roughly $2.8M in ETH. - Onchain observers flagged StablR’s alleged weak multisig setup as a governance risk that MiCA regulation did not prevent. EURR Drops 24%, and USDR Falls 37% as StablR’s Two Stablecoins Depeg After Key Exploit Reports say the breach did not stem from a smart contract flaw. Attackers reportedly gained access to a single private key controlling a 1-of-3 multisig wallet that governed StablR’s minting function. With one key, the attacker removed legitimate signers, added a controlled address, and issued tokens without collateral backing. At 8:10 a.m. ET on Sunday, StablR addressed the issue on X, stating: “Security update: We have identified an exploit affecting StablR and are actively working to contain it and minimize impact. Protecting our users and your funds is our top priority. We’ll share verified details and next steps as soon as possible.” Onchain analysts estimated the attacker minted approximately 8.35 million USDR and 4.5 million EURR before selling them across DEX trading pairs with thin liquidity. The extracted value was reported at roughly 1,115 ETH, equivalent to approximately $2.8 million, though total unbacked token issuance may have reached $10.4 million. The selling pressure broke both pegs quickly. EURR fell to $0.85, down close to 24%. USDR dropped further, trading at $0.64, a decline of nearly 36% year-to-date. USDR tapped an intraday low of $0.40. Both tokens also fell sharply against the U.S. dollar, bitcoin, and ethereum. StablR markets EURR as a euro-pegged stablecoin and USDR as a dollar-pegged token, both positioned as regulated instruments under the European Union’s Markets in Crypto-Assets (MiCA) framework with proof-of-reserves disclosures. The company bridges traditional finance and decentralized finance markets. Security firm Blockaid flagged the incident publicly, describing the 1-of-3 threshold as a “key management and governance failure.” Many observers commented that a single compromised key should not carry the power to issue currency, yet allegedly StablR’s configuration allowed exactly that. “EURR issuance was controlled by a 1/3 multisig implementation (not Safe) whose signers the alleged attacker replaced,” one X account wrote on Sunday. “They then continued to transfer and mint new EURR to sell on secondary markets, leading to a secondary market depegs. It is worth noting that StablR has previously stated they use Tether’s Hadron tokenisation platform to power EURR issuance.” The individual added: “If this is an exploit, it is the first of its kind for a MiCA compliant stablecoin.” While StablR acknowledged the exploit through its official X accounts, no detailed technical postmortem or recovery timeline was available as of the time of writing. Community analysts on X debated loss estimates ranging from $2.8 million to $10.4 million throughout the day. The wide variance reflects the difference between the ethereum ( ETH) extracted and the total face value of unbacked tokens introduced to the market. The incident fits a pattern seen across stablecoin issuers where administrative control rather than contract code is the point of failure. Higher multisig thresholds, time-locks on minting functions, rate limits, and anomaly detection systems are standard mitigations for stablecoin networks. The MiCA regulatory framework, designed to bring accountability to stablecoin issuers operating in Europe, does not appear to have required the operational controls that would have prevented this attack. Regulators and auditors may face pressure to address key management standards more directly following this event. Holders of EURR and USDR should monitor StablR’s official channels for updates on any planned burn of the unbacked supply, reserve replenishment, or compensation. Major U.S. dollar stablecoins, including USDT and USDC were not affected. The broader stablecoin market absorbed the event without significant contagion, but the StablR incident adds to a growing record of smaller and regionally focused issuers losing peg control through governance failures rather than code vulnerabilities. Libra Trust Prepares to Distribute Controversial Crypto Millions to Argentine Companies Libra Trust Prepares to Distribute Controversial Crypto Millions to Argentine Companies Over a year after the token's demise, the Libra Trust has arranged a strategy to fund nearly 71 companies that… Read NowOver a year after the token's demise, the Libra Trust has arranged a strategy to fund nearly 71 companies that…

資料狀態✓ 已擷取全文閱讀原文（Bitcoin.com）

🔍歷史類似事件· 關鍵字 + 標的比對6 則

2026-04-21

歐洲銀行利用 Fireblocks 發行符合 MiCA 規範的歐元穩定幣

相似度 200%關鍵字 euro/compliant/stablecoin

2026-05-22

Polymarket 表示私鑰遭洩漏導致 573K 美元被盜，並非合約漏洞所致

相似度 180%關鍵字 exploit/after/drains

2026-04-30

Solana Yield Protocol Carrot 在 Drift 遭駭導致 800 萬美元 TVL 被盜後關閉

相似度 150%關鍵字 exploit/after/drains

2026-05-24

StablR Stablecoins 在 280 萬美元的駭客攻擊後發生脫鉤（Depeg）

相似度 130%關鍵字 exploit/after

2026-05-24

ECB 反對歐元穩定幣提案，稱其存在銀行借貸風險

相似度 130%關鍵字 euro/stablecoin

2026-05-24

StablR Euro and USD stablecoins depeg amid ongoing $2.8M exploit

相似度 130%關鍵字 euro/exploit

💡 目前用關鍵字 + 標的比對（MVP）· 之後會升級為 embedding 語意搜尋

原始資訊

ID：0ff3b9f566

來源：Bitcoin.com

發佈：2026-05-24 12:01:55

分類：一般 · 導出分類 neutral

標的：未指定

社群投票：+0 / −0 · ⭐ 0 重要 · 💬 0 留言