Resupply is the latest decentralized stablecoin protocol to face a multi-million-dollar hack
Resupply, a decentralized stablecoin protocol, was hacked earlier today due to a bug that allowed the attackers to manipulate its internal data.
According to an X post by Cyvers Alerts, the hacker received the initial funds for exploiting the protocol from the popular crypto mixer Tornado Cash.
🚨ALERT🚨Our system has detected a suspicious transaction involving @ResupplyFi, with losses estimated at $9.6M.
Attacker funded via @TornadoCash manipulated #cvcrvUSD price, causing exchangeRate in ResupplyPair to hit zero due to floor division enabling massive #reUSD borrowing… pic.twitter.com/fU1LEUxO0t
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) June 26, 2025
The attacker then used the initial funds to manipulate the crvUSD price. This brought the exchange rate with the reUSD pair to zero, allowing borrowing almost for free.
Cyvers Alert says that the stolen funds were then swapped to Ethereum ETH $2 450 24h volatility: 0.8% Market cap: $295.47 B Vol. 24h: $15.11 B and subsequently sent to two anonymous wallets. The total amount of lost funds reached $9.6 million so far.
Resupply said in an X post that the exploit has only affected the wstUSR market.
Resupply has experienced an exploit in the wstUSR market. The affected contract has been identified and paused. Only the wstUSR market was impacted and the protocol continues to function as intended. A full post-mortem will be shared as soon as a complete analysis of the…
— Resupply (@ResupplyFi) June 26, 2025
The decentralized stablecoin protocol, issuing loans backed by real-world assets, claims that the platform has been functioning normally apart from the wstUSR market, which has been paused until further notice.
Crypto hacks have been one of the leading threats in the ecosystem, with high-profile companies becoming victims.
Last month, Raj Gokal, a co-founder of Solana, saw his leaked credentials as hackers demanded 40 BTC.
In February, the Lazarus Group stole nearly $1.5 billion, in what was called the biggest financial heist in history, from Bybit, a leading cryptocurrency exchange.
Scams and hacks are becoming increasingly common in the crypto world, posing major threats even to established platforms. BitoPro, a Taiwanese exchange founded in 2018, is suspected to be the latest victim. On-chain investigator ZackXBT reported that over $11.5 million was drained from its TRON, Ethereum, Solana, and Polygon hot wallets on May 8.
Do you want to explain to the community why multiple of your hot wallets saw suspicious outflows of ~$11.5M on May 8, 2025 where you still have not disclosed the security incident on X or Telegram several weeks later? pic.twitter.com/HlD0c93Or4
— ZachXBT (@zachxbt) June 2, 2025
These funds were later funneled through Tornado Cash or bridged to Bitcoin using THORChain. Some users continue to report issues with “stuck funds,” raising concerns about transparency and user protection.
In parallel, a new malware threat called SparkKitty is targeting mobile users by stealing their device photos to find crypto wallet seed phrases. Confirmed by cybersecurity firms SlowMist and Kaspersky, the malware affects both iOS and Android devices, often spreading through apps like SOEX, which are disguised as crypto tools.
🚨 SparkKitty: Cute name, BIG threat
The new "little brother" of SparkCat malware hides in fake apps on Google Play & App Store—stealing all your photos, including sensitive screenshots.
Protect yourself:
🔒 Use encrypted storage
📱 Scan with #KasperskyPremium
Details:… pic.twitter.com/p3PeRGZnp7— Kaspersky (@kaspersky) June 23, 2025
SparkKitty is believed to be linked to the SparkCat malware family and hides within seemingly legitimate applications on official app stores. Users are advised to avoid unknown apps, sideloaded APKs, and to use antivirus software to protect their digital assets.
next