Resolv issues 72-hour ultimatum to exploiter for 90% return of $25 million in funds
Quick Take
- Resolv Labs issued a 72-hour ultimatum on Monday, offering a 10% settlement bounty to an exploiter who minted 80 million unbacked USR tokens to extract roughly $25 million in funds.
We'd love your feedback.
Resolv Labs issued an ultimatum to the attacker behind Sunday’s $25 million exploit, offering to let the individual keep 10% of the stolen funds in exchange for returning the remainder within 72 hours.
According to an onchain message sent Monday, the Abu Dhabi-based stablecoin issuer set a recovery address and gave the exploiter until Thursday to transfer 90% of the converted assets, roughly $22.5 million in ether (ETH), along with any remaining USR tokens under the attacker’s control. The proposal also included an alternative white hat disclosure path.
Resolv warned that noncompliance within the 72-hour window would prompt escalation measures. These include coordination with centralized exchanges, bridges, and infrastructure providers to restrict or freeze assets, as well as public disclosure of addresses and transaction traces. The protocol also said it would engage blockchain analytics firms and law enforcement, and pursue legal action to recover damages.
The exploit occurred on March 22, when the attacker deposited roughly $200,000 in USDC into Resolv’s USR Counter contract and received 50 million USR in return, followed by a second transaction minting an additional 30 million USR. The attacker swapped the minted USR for stablecoins across decentralized exchanges and converted the proceeds into 11,409 ETH, per onchain data.
Analysts identified the breach as originating from a privileged minting role controlled by a single externally owned account, lacking maximum mint limits, oracle checks, or multi-signature authorization.
In its onchain message, Resolv said the exploit, though facilitated by a protocol vulnerability, was executed with clear malicious intent and generated unbacked tokens that could affect secondary market stability.
Resolv separately said it is in contact with all allowlisted users who held USR at the time of the incident, with redemptions for pre-incident USR now enabled for that group. Updates for other users would follow, it added.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2026 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
