How the $25M USR Minting Heist Happened

Resolv was able to burn about 9 million USR held by the attacker, but about $0.5 million had already been processed.

USR, a traditionally redundant stablecoin backed by ETH and maintained by the Resolv protocol, lost its peg on March 22 after an attacker issued millions of unbacked tokens and reportedly took out at least $25 million.

Here’s how the incident went down, according to blockchain analytics firm Chainalysis.

Attacker Uses Signing Key to Mint $80M in Unbacked USR

In a thread posted to X earlier today, Chainalysis explained that an attacker gained access to Resolv’s AWS Key Management Service, where the privileged signing key is stored. That access allowed them to authorize transactions using the protocol’s own permissions.

There were two transactions: the first for 50 million USR, and the second adding another 30 million to bring the total to 80 million tokens. According to Chainalysis, however, the minting operations were funded by small USDC deposits worth between $100,000 and $200,000, which the hacker used to trigger the effects of the energy exchange.
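The following added example, which is not code from Resolv, Chainalysis or the original article, shows a monitor-side check that compares each mint against the collateral deposited with it and against a per-window cap. The thresholds, names, transaction ids and per-transaction deposit figures are assumptions constructed for illustration; only the 50 million and 30 million mint sizes and the $100,000 to $200,000 deposit range come from the article.

```python
from dataclasses import dataclass
from decimal import Decimal

# Assumed policy values for this example, not Resolv parameters.
MAX_MINT_RATIO = Decimal("1.01")       # USR allowed per 1 USDC deposited
MAX_WINDOW_MINT = Decimal("10000000")  # total USR allowed per review window

@dataclass(frozen=True)
class MintRequest:
    tx_id: str
    deposit_usdc: Decimal
    mint_usr: Decimal

def review_mints(requests):
    """Return [(tx_id, [reasons])] for every request that breaks the policy.

    A valid signature is not treated as proof that a mint is legitimate:
    each request must also be bounded by its deposit and by the window cap.
    """
    alerts = []
    window_total = Decimal(0)
    for req in requests:
        reasons = []
        if req.deposit_usdc <= 0:
            reasons.append("no collateral deposited")
        elif req.mint_usr / req.deposit_usdc > MAX_MINT_RATIO:
            ratio = req.mint_usr / req.deposit_usdc
            reasons.append(f"mint is {ratio:.0f}x the deposit")
        if window_total + req.mint_usr > MAX_WINDOW_MINT:
            reasons.append("window mint cap exceeded")
        if reasons:
            alerts.append((req.tx_id, reasons))
        else:
            window_total += req.mint_usr  # only accepted mints count
    return alerts

# Constructed sample: one ordinary mint, then two shaped like the incident.
SAMPLE = [
    MintRequest("tx-normal", Decimal("250000"), Decimal("250000")),
    MintRequest("tx-mint-1", Decimal("100000"), Decimal("50000000")),
    MintRequest("tx-mint-2", Decimal("200000"), Decimal("30000000")),
]

if __name__ == "__main__":
    for tx_id, reasons in review_mints(SAMPLE):
        print(tx_id, "->", "; ".join(reasons))
```

A check of this kind only helps when it is enforced somewhere the signing key cannot override, such as contract logic or an independent monitor that can pause minting.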

They then moved quickly, converting the newly minted USR into wrapped staked USR (wstUSR), a derivative that represents part of the peg pool instead of a fixed token value. After that, they exchanged funds for other stablecoins and then for ETH, covering their tracks by going around isolated exchange pools and bridges.

Resolv Labs confirmed the breach, saying the unauthorized minting was enabled by a compromised private key. The team temporarily suspended the contracts shortly after discovering the issue and was able to burn approximately 9 million USR that the attacker had. They also reported that approximately $0.5 million had been processed prior to the suspension.

According to Chainalysis, the attacker controlled about 11,400 ETH, worth about $25 million at the time of the theft. They also hold about 20 million wstUSR, which is valued at a very low price.

USR Depegs

Immediately after the attack, USR fell to new lows near $0.14, per CoinGecko data. It has since recovered slightly, but the price at press time still represents a drop of more than 57% in the last 24 hours.

According to the Resolv team, there are still at least 71 million recorded tokens in USR’s circulating supply, which CoinGecko puts at just north of 176 million tokens. However, the team has begun the process of using all the USR created before the incident, starting with authorized users.

This episode is particularly damaging, considering a recent survey conducted by Ripple found that 74% of financial managers see stablecoins as useful tools for managing cash flow and treasury operations. At the same time, 89% of them said that they prioritize security when choosing service providers, which points to the importance of protecting the infrastructure.

Resolv said it is working with partners, law enforcement, and analytics companies to track funds and recover assets, and warned users not to trade affected tokens during the recovery process.
