Resolv Protocol Hit with $25M Heist via Compromised Private Key

A major security breach has struck the cryptocurrency market, resulting in the theft of at least $25 million from Resolv Labs' USR stablecoin. The incident occurred on March 22 when an attacker exploited the protocol's AWS Key Management Service to gain access to a privileged signing key.

Using this compromised key, the perpetrator was able to authorize minting operations, creating over 80 million unbacked USR tokens. These tokens were then converted into wrapped staked USR (wstUSR) and swapped for other stablecoins and Ethereum.

Resolv Labs has confirmed the breach and taken steps to mitigate its effects, including pausing contracts and burning nearly 9 million USR tokens held by the attacker. However, approximately 71 million illicitly minted tokens remain in circulation, causing a significant drop in value for the stablecoin.