StakeDAO Exploit: 5.4 Trillion vsdCRV Minted via Compromised Private Key

StakeDAO Exploit: 5.4 Trillion vsdCRV Minted via Compromised Private Key

First seen 27 May 2026, 15:27 UTC Theblock.CoCryptobriefingBitgetWeexPluang+2 85% similarity 68.0

Article Content

Browse articles
ThreatCluster

On May 27, 2026, a hacker exploited StakeDAO by compromising its deployer private key, minting over 5.4 trillion vsdCRV tokens on Arbitrum. The attacker swapped a portion of these tokens for approximately $91,000 worth of ETH. StakeDAO, a DeFi protocol, has advised users to cease interactions with vsdCRV immediately. The exploit leveraged a manipulated cross-chain messaging system, allowing the attacker to issue mint commands by replacing the legitimate authorized address. This incident is part of a troubling trend in DeFi exploits, with significant financial losses reported across multiple protocols. StakeDAO's governance token, SDT, saw a 6.6% drop in value following the incident. The exploit's impact extended to Curve Finance, prompting warnings for users with deposits in affected markets. The situation remains ongoing as StakeDAO works on remediation.

Key Points: • A hacker minted 5.4 trillion vsdCRV tokens after compromising StakeDAO's deployer key. • The exploit allowed the attacker to swap some tokens for approximately $91,000 in ETH. • StakeDAO has advised users to stop interacting with vsdCRV due to the ongoing exploit.

ThreatCluster AI

Timeline

2026-05-27
StakeDAO exploit confirmed
A hacker compromised StakeDAO's deployer private key, minting over 5.4 trillion vsdCRV tokens.
Thedefiant
2026-05-27
User warnings issued
StakeDAO warned users to stop interacting with vsdCRV due to the exploit.
Cryptobriefing
2026-05-27
ETH conversion reported
The attacker converted part of the minted tokens into 43.78 ETH, worth around $91,000.
Theblock.Co
2026-05-27
StakeDAO governance token drops
Following the exploit, StakeDAO's SDT token fell approximately 6.6% in value.
Thedefiant

Community

Browse all →