Well, butter my biscuit and call me a blockchain novice: Resolv just announced that some digital ne’er-do-wells minted 80 million USR tokens and made off with a cool $25 million in ETH before anyone could say “pause the contracts.”
In what can only be described as a masterclass in digital derring-do, Resolv has spilled the beans on the March 22, 2026, security breach. Apparently, these cyber scallywags minted 80 million USR tokens through what we’ll charitably call “unauthorized transactions.” Because, you know, “theft” sounds so gauche.
Naturally, they didn’t stop there. These digital Robin Hoods (minus the whole “giving to the poor” part) swapped the tokens into ETH via decentralized exchanges, making off with a tidy $25 million. One can only assume they’re now sipping piña coladas on a blockchain-funded beach somewhere.
The Attack: A Tale of Third-Party Shenanigans
According to Resolv, this whole fiasco started outside their core systems. A contractor (who, let’s be honest, probably should’ve known better) had worked on a separate third-party project. That project, in a twist worthy of a soap opera, was compromised, and a GitHub credential was left exposed. Because nothing says “security” like leaving your digital keys in the front yard.
The attackers, bless their nefarious hearts, used this credential to waltz into some Resolv repositories. Once inside, they planted a harmful workflow that stole credentials without so much as triggering an outbound traffic alert. It’s like they read the “How to Be a Stealthy Cybercriminal” handbook cover to cover.
In a move that screams “professionalism,” the attackers then removed their own access from the repository, presumably to cover their tracks. Because, you know, nothing says “I’m innocent” like tidying up after yourself mid-heist.
With the stolen credentials, they gained access to Resolv’s cloud environment, where they proceeded to rummage around like a kid in a candy store. They reviewed services, searched for more keys, and even tried to cozy up to third-party integrations. Resolv called it a “multi-stage attack,” but let’s call it what it is: a digital treasure hunt gone horribly wrong.
Signing Authority: The Holy Grail of Crypto Heists
The attackers’ ultimate goal? Signing authority for minting operations. Early attempts were blocked by access controls, but these persistent rascals kept at it. They eventually found a higher-level infrastructure role that could modify key access policies. And just like that, they had the keys to the kingdom.
With signing authority in hand, they used the Counter contract to mint 50 million USR at 02:21:35 UTC. Because nothing says “early bird” like a midnight minting spree. They then swapped the tokens into ETH across multiple wallets, followed by a second mint of 30 million USR at 03:41 UTC. Talk about a productive morning.
Resolv’s monitoring system, bless its silicon heart, detected the first unusual transaction in real time. The team sprang into action, preparing a response across backend and on-chain systems. Because, you know, nothing says “crisis management” like a 3 AM scramble.
Since the breach involved infrastructure access, the team had to identify the route used before they could contain the damage. It’s like trying to fix a leaky pipe while the water’s still gushing: fun for the whole family.
Recovery: A Game of Digital Whack-a-Mole
The team halted backend services and paused the smart contracts at 05:16 UTC. At 05:30 UTC, they revoked the compromised credentials across the cloud system. Logs showed attacker activity as late as 05:15 UTC, which is either impressive dedication or a serious caffeine addiction.
After containment, Resolv began on-chain recovery actions. They’ve neutralized about 46 million USR through direct burns and blacklist functions, with the investigation into the remaining illicitly minted supply still ongoing. Because, you know, no heist is complete without a little cleanup.
Resolv is compensating pre-hack USR holders on a 1:1 basis, and they’ve already processed most eligible redemptions. Meanwhile, most protocol operations remain paused until further notice, because nothing says “we’re taking this seriously” like hitting the pause button.
The report noted that the breach wasn’t caused by one big, gaping hole but rather a series of smaller gaps across third parties and cloud permissions. It’s like a game of digital Whack-a-Mole, but with higher stakes and fewer mallets.
Moving forward, Resolv plans to implement on-chain mint caps, oracle price checks, automated pause systems, and tighter GitHub access rules. Because, as they say, hindsight is 20/20, and so is the need for better security.
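An added example (not Resolv's code) that models how two of the planned controls, an on-chain mint cap and an automated pause, would treat the two mints from the timeline above. The `MintGuard` class, the cap of 5 million USR per 24 hours and the 01:00 routine mint are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

@dataclass
class MintGuard:
    """Model of an on-chain rolling-window mint cap that trips an automatic pause."""
    cap: int                 # max tokens mintable per window (assumed value)
    window: timedelta        # rolling window length (assumed value)
    paused: bool = False
    history: list = field(default_factory=list)  # accepted (timestamp, amount) pairs

    def minted_in_window(self, now):
        cutoff = now - self.window
        return sum(amount for ts, amount in self.history if ts > cutoff)

    def request_mint(self, now, amount):
        # The check runs on every mint, no matter which key signed the request.
        if self.paused:
            return "rejected: paused"
        if amount <= 0:
            return "rejected: invalid amount"
        if self.minted_in_window(now) + amount > self.cap:
            self.paused = True  # stays paused until a separate role reviews and unpauses
            return "rejected: cap exceeded, pausing"
        self.history.append((now, amount))
        return "minted"

def utc(h, m, s=0):
    return datetime(2026, 3, 22, h, m, s, tzinfo=timezone.utc)

def replay():
    guard = MintGuard(cap=5_000_000, window=timedelta(hours=24))  # assumed limits
    requests = [
        (utc(1, 0), 1_000_000),        # constructed routine mint, not from the report
        (utc(2, 21, 35), 50_000_000),  # first mint from the report
        (utc(3, 41), 30_000_000),      # second mint from the report
    ]
    results = [guard.request_mint(ts, amount) for ts, amount in requests]
    total = sum(amount for _, amount in guard.history)
    return results, total, guard.paused

if __name__ == "__main__":
    for line in replay()[0]:
        print(line)
```

Because the limit is checked at mint time rather than delegated to whoever holds the signing key, a compromised signer is bounded by the cap per window, and the first oversized request halts minting until someone reviews it.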
2026-04-05 15:17