Resolv Labs stablecoin hack

On-chain traces show the attacker was able to mint roughly 80 million USR tokens by abusing the protocol’s minting pathway. (blockaid.io) Analysis of the transactions indicates the actor deposited only about $100,000–$200,000 in USDC before triggering the mass mint, exploiting a privileged backend key reported as an AWS KMS/private‑key compromise. (dlnews.com) Resolv paused protocol operations, executed an emergency burn of roughly $9 million USR and said it has redeemed more than 90% of allowlisted, pre‑incident holders as part of its initial recovery phase. (ainvest.com) The incident propagated into DeFi rails: vault curators on Morpho reported direct exposure and the attacker used rapid DEX swaps and token routing to convert minted USR into staked variants and other assets. (dlnews.com) Post‑mortem writeups note the core failure was an off‑chain trust assumption—backend calls passed mint quantities straight into completeSwap() without on‑chain upper bounds or independent verification. (quillaudits.com) Resolv’s timeline places the onset of activity on March 22, 2026, with emergency halts and initial remediation steps taken within the next 48 hours. (coinalertnews.com) Forensic threads show the attacker moved supply through staking wrappers and stablecoin swaps before cashing out into Ethereum and other liquid assets, a pattern security teams are citing in their containment briefings. (ainvest.com)