In March 2026, an attacker exploited a vulnerability in Resolv Protocol — an Ethereum-based decentralised finance (DeFi) stablecoin protocol — to mint approximately $24 million in tokens without legitimate collateral. Resolv Protocol is a yield-bearing stablecoin protocol that issues USR (Resolv USD) backed by Ethereum and delta-neutral positions. The exploit involved the attacker identifying a flaw in the protocol’s minting or collateral verification logic that allowed creation of tokens without providing equivalent value — effectively stealing from the protocol’s liquidity pools and legitimate token holders. Resolv Protocol confirmed the exploit and paused protocol operations while investigating. The attacker’s transactions were visible on-chain, and blockchain analytics firms including Chainalysis and Elliptic assisted in tracing the stolen funds. DeFi protocol exploits of this type — targeting smart contract logic rather than traditional software vulnerabilities — continue at a sustained rate, with over $1.8 billion stolen from DeFi protocols in 2025 according to Chainalysis. The Resolv exploit was reported in the same week as the Uranium Finance case charges (April 2, 2026), the Drift Protocol $285M DPRK exploit (April 1, 2026), and the Bitrefill breach linked to Lazarus Group — indicating an active week for crypto-sector attacks. Resolv Protocol subsequently implemented additional smart contract auditing and patched the vulnerability.