ResupplyFi Exploit Leads to $9.6M Loss in wstUSR Market Amid Price Manipulation Bug
Resupply's wstUSR market experienced a security breach resulting in approximately $9.6 million in crypto losses. The exploit was a price manipulation attack linked to the synthetic stablecoin cvcrvUSD, allowing the attacker to borrow $10 million reUSD with minimal collateral by inflating share prices. The attacker utilized Tornado Cash for funding and converted stolen funds to Ether (ETH), distributing them across two addresses. In response, Resupply paused the affected contracts and plans to conduct a full post-mortem analysis. Security experts emphasized that better input validation, oracle checks, and real-time anomaly monitoring could have mitigated the attack. The incident underscores ongoing security vulnerabilities in DeFi protocols, particularly those involving synthetic assets. In 2025, crypto hack losses reached $2.1 billion, with hackers increasingly employing social engineering tactics.
