StablR EURR and USDR Stablecoins Hit by $3M Suspected Exploit

Blockchain investigator ZachXBT flagged a suspected exploit on Saturday affecting two token contracts linked to StablR’s EURR and USDR stablecoins. The attacker’s wallet was funded through Cross‑Chain Transfer Protocol on Noble, a Cosmos‑based hub. Losses are estimated to exceed $3 million.

The simple read is straightforward: a $3 million exploit damages confidence in any stablecoin issuer, particularly one that markets itself as a compliant European alternative. The better market read runs deeper. The attack vector via CCTP indicates cross‑chain sophistication. That raises questions about StablR’s contract security, its admin controls, and whether the compromised contracts were tied to minting or reserve management functions. If the exploited contracts can still mint or redeem, the damage could propagate to on‑chain liquidity pools and collateral backing EURR and USDR.

The Suspected Exploit: $3M Drained from EURR and USDR Contracts

StablR is a Maltese stablecoin issuer focused on regulated infrastructure for merchants and institutions. It issues EURR (pegged to the euro) and USDR (pegged to the US dollar). The company raised €3.3 million in seed funding in 2023, with backing from Deribit, Maven 11, Theta Capital, Folkvang, and Blocktech. In 2024, Tether made a strategic investment as part of its push into European stablecoin regulation.

The attacker used Cross‑Chain Transfer Protocol on Noble to fund the exploiter address. This choice of routing suggests the attacker aimed to obscure the funding trail through Cosmos‑based cross‑chain flows. The estimated $3 million loss is material relative to StablR’s seed round, though small compared with Tether’s balance sheet. The reputational damage, however, could be disproportionate for a firm that positioned security and compliance as its central differentiators.

Exposure: StablR’s Regulatory Positioning and Backer Implications

Tether’s investment in StablR was widely read as a signal that regulated European stablecoin issuers could attract institutional support. A successful exploit on a licensed issuer undermines that narrative. Regulators may view this as evidence that even firms that meet local compliance standards remain vulnerable to on‑chain attacks.

The affected tokens are EURR and USDR. Both are live on Ethereum and possibly other networks. Their on‑chain liquidity pools, likely on decentralized exchanges, face de‑peg risk if holders rush to redeem or if trading pairs lose confidence. StablR has not yet issued a formal statement beyond the ZachXBT report.

What Determines the Next Move for StablR’s Stablecoins

Several factors will decide whether this remains a contained event or broadens into broader market stress for StablR’s ecosystem.

Actions that would reduce the risk:

• StablR pauses minting and redemptions for the affected token contracts.
• The team isolates the compromised addresses and works with law enforcement or blockchain forensics firms to trace the funds.
• If the exploited contracts were test or upgradeable proxies, emergency shutdown mechanisms may limit further losses.

Actions that would worsen the risk:

• The attacker drains additional contract balances or uses the same vector to access reserve wallets.
• EURR or USDR begin trading below peg on major DEXs, triggering liquidation cascades.
• Tether publicly distances itself from StablR, which would compound the trust deficit.

At present, the only public confirmation is ZachXBT’s alert and the on‑chain data showing the attacker’s funding flow via Noble CCTP. The next decision point is StablR’s official response. Traders should monitor whether the company can halt the exploited contracts and whether the attacker moves the $3 million through mixers or further cross‑chain transfers. Any communication from Tether regarding its investment status will also shape market sentiment around regulated stablecoins.