Resolv Labs wrote that the protocol was compromised, and they allowed attackers to mint approximately 50m USR tokens without backing. In essence, those tokens just came out of thin air bypassing the collateral provisions.
Resolv has experienced an exploit that allowed the attackers to mint 50mn of unbacked USR. The team has currently paused all the protocol functions to prevent further malicious actions and is actively working on recovery.
In response, the team immediately paused all protocol functions. This includes minting, redemption, and other core operations. The goal is to stop further damage while a full investigation is underway.
On-chain evidence indicates that the bad guy was fast after being broken. They minted up to 80 million USR with the help of approximately 200,000 USDC. A large portion of the minted USR was then used to acquire ETH: 44.78 million USR was swapped to 11,437 ETH. This ETH amount was estimated the value of about $23.85 million.
Approximately 35.14 million USR has still in attacker’s wallet. All shows a clear tactic: quickly transfer synthetic or unbacked assets into highly liquid crypto as soon as possible. The obvious choice is ETH which is one of the hottest. The velocity gives us an idea that the attacker was familiar with the exploit.
The next steps often include: Identifying core reason of the exploitation; Evaluating the total losses and the amount of unbacked assets; Coordinating with partners or exchanges to track funds. USR relies on minting mechanisms tied to collateral deposits. If that mechanism is bypassed, the system can inflate supply instantly.
In this case, the attacker effectively created value without depositing equivalent assets. The large portion of the money is already in ETH, and thus it is more difficult to retrieve it. As soon as the assets enter liquid markets, it is much more difficult to identify them and retrieve them.
Resolv Labs reported that the protocol was compromised, enabling attackers to mint approximately 50m USR tokens without backing. In essence, those tokens came out of thin air, bypassing collateral provisions. Resolv has experienced an exploit that allowed the attackers to mint 50mn of unbacked USR.
The team has currently paused all the protocol functions to prevent further malicious actions and is actively working on recovery. In response, the team immediately paused all protocol functions. This includes minting, redemption, and other core operations. The goal is to stop further damage while a full investigation is underway.
On-chain evidence shows the attacker minted up to 80 million USR with the help of approximately 200,000 USDC. A large portion of the minted USR was then swapped for ETH, with 44.78 million USR converted to 11,437 ETH, valued around $23.85 million. Approximately 35.14 million USR remains in the attacker’s wallet.
That rapid mint-and-swap pattern indicates a strategy of moving synthetic or unbacked assets into highly liquid crypto, with ETH as a favored destination. The incident prompted Resolv to halt operations and pursue restoration methods. The next steps will focus on identifying the exploitation’s root cause, assessing losses, and coordinating with partners to trace funds.
USR relies on minting mechanisms tied to collateral deposits. If that mechanism is bypassed, the system can inflate supply instantly. In this case, the attacker effectively created value without depositing equivalent assets. The large portion of the money is already in ETH, and thus it is more difficult to retrieve it. As soon as the assets enter liquid markets, it is much more difficult to identify them and retrieve them.
Resolv Labs reported that the protocol was compromised, enabling attackers to mint approximately 50 million USR tokens without backing. In essence, those tokens came out of thin air, bypassing collateral provisions. The team has paused all protocol functions to prevent further malicious actions and is actively working on recovery.
On-chain evidence shows the attacker minted up to 80 million USR with the help of approximately 200,000 USDC. A large portion of the minted USR was then swapped for ETH, with 44.78 million USR converted to 11,437 ETH, valued around $23.85 million. Approximately 35.14 million USR remains in the attacker’s wallet.
This rapid mint-and-swap pattern indicates a strategy of moving synthetic or unbacked assets into highly liquid crypto, with ETH as a favored destination. The incident prompted Resolv to halt operations and pursue restoration methods. The next steps will focus on identifying the exploitation’s root cause, assessing losses, and coordinating with partners to trace funds.
USR relies on minting mechanisms tied to collateral deposits. If that mechanism is bypassed, the system can inflate supply instantly. In this case, the attacker effectively created value without depositing equivalent assets. The large portion of the money is already in ETH, and thus it is more difficult to retrieve it. As soon as the assets enter liquid markets, it is much more difficult to identify them and retrieve them.
Resolv Labs reported that the protocol was compromised, enabling attackers to mint approximately 50 million USR tokens without backing. In essence, those tokens came out of thin air, bypassing collateral provisions. Resolv has experienced an exploit that allowed the attackers to mint 50mn of unbacked USR.
The team has paused all protocol functions to prevent further malicious actions and is actively working on recovery. On-chain evidence shows the attacker minted up to 80 million USR with the help of approximately 200,000 USDC. A large portion of the minted USR was then swapped for ETH, with 44.78 million USR converted to 11,437 ETH, valued around $23.85 million. Approximately 35.14 million USR remains in the attacker’s wallet.
That rapid mint-and-swap pattern indicates a strategy of moving synthetic or unbacked assets into highly liquid crypto, with ETH as a favored destination. The incident prompted Resolv to halt operations and pursue restoration methods. The next steps will focus on identifying the exploitation’s root cause, assessing losses, and coordinating with partners to trace funds.
USR relies on minting mechanisms tied to collateral deposits. If that mechanism is bypassed, the system can inflate supply instantly. In this case, the attacker effectively created value without depositing equivalent assets. The large portion of the money is already in ETH, and thus it is more difficult to retrieve it. As soon as the assets enter liquid markets, it is much more difficult to identify them and retrieve them.
Leave a Reply