European stablecoin issuer StablR has suspended all issuance and redemption services for its USDR and EURR tokens following a cyberattack that allowed an attacker to mint approximately $13.5 million in uncollateralized tokens. The breach, which came to light over the weekend, has sent shockwaves through the stablecoin market and raised urgent questions about the security of multi-signature wallet configurations under the European Union’s Markets in Crypto-Assets (MiCA) regulation.
How the Exploit Unfolded
According to blockchain security firm GoPlus and on-chain investigator ZachXBT, the attacker targeted a critical weakness in StablR’s minting wallet: a 1-of-3 multisig setup. In such a configuration, only one of the three authorized signers is needed to execute transactions. The attacker gained control of a single private key, added themselves as an admin, removed the legitimate signers, and proceeded to mint 8.35 million USDR and 4.5 million EURR—tokens with a face value of $13.5 million but no underlying collateral.
The newly minted tokens were immediately dumped on decentralized exchanges, causing both stablecoins to lose their peg. USDR briefly dipped to $0.50 and later recovered to around $0.994, while EURR remains severely depegged at $0.548, far from the current euro-dollar rate of $1.16. The attacker managed to convert the tokens into roughly $2.8 million, limited by low liquidity on the platforms used.
Regulatory Fallout and MiCA Test
The incident has immediate regulatory consequences. StablR acknowledged in a public statement that “the circulating supply of both tokens is currently not fully backed at the 1:1 ratio” required by MiCA, effectively putting the company in breach of the EU’s landmark stablecoin rules. The Malta-based firm has already notified the Malta Financial Services Authority under the Digital Operational Resilience Act and has asked exchanges to halt trading, deposits, and withdrawals for USDR and EURR.
This marks the first major stress test for MiCA’s enforcement mechanisms. Regulators must now navigate a post-exploit recovery while ensuring consumer protection—a challenge that will be closely watched by other stablecoin issuers and regulatory bodies worldwide. CEO Gijs op de Weegh stated the company is acting “with full transparency” as external cybersecurity firms and law enforcement join the investigation.
Multisig Security Under Scrutiny
The breach highlights a broader vulnerability in the crypto industry: the reliance on low-threshold multisig wallets for critical administrative functions. While multisig is generally more secure than single-key systems, a 1-of-3 configuration offers minimal protection against a single point of failure. Security experts have long warned that such setups are effectively centralized, and StablR’s $13.5-million loss could accelerate calls for stricter security audits and mandatory insurance coverage for stablecoin operators under frameworks like MiCA.
For users still holding USDR and EURR, the outlook remains bleak. With redemption frozen and liquidity halted on major exchanges, the ability to exit positions is severely limited, crystallizing losses for many. The event serves as a stark reminder that a stablecoin’s reliability is only as strong as the security infrastructure controlling its minting and backing processes.
