Weex
StakeDAO Exploit: 5.4 Trillion vsdCRV Minted via Compromised Private Key
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
On May 27, 2026, a hacker exploited StakeDAO by compromising its deployer private key, minting over 5.4 trillion vsdCRV tokens on Arbitrum. The attacker swapped a portion of these tokens for approximately $91,000 worth of ETH. StakeDAO, a DeFi protocol, has advised users to cease interactions with vsdCRV immediately. The exploit leveraged a manipulated cross-chain messaging system, allowing the attacker to issue mint commands by replacing the legitimate authorized address. This incident is part of a troubling trend in DeFi exploits, with significant financial losses reported across multiple protocols. StakeDAO's governance token, SDT, saw a 6.6% drop in value following the incident. The exploit's impact extended to Curve Finance, prompting warnings for users with deposits in affected markets. The situation remains ongoing as StakeDAO works on remediation.
Key Points: • A hacker minted 5.4 trillion vsdCRV tokens after compromising StakeDAO's deployer key. • The exploit allowed the attacker to swap some tokens for approximately $91,000 in ETH. • StakeDAO has advised users to stop interacting with vsdCRV due to the ongoing exploit.