Get the latest crypto news, updates, and reports by subscribing to our free newsletter.
Giấy phép số 4978/GP-TTĐT do Sở Thông tin và Truyền thông Hà Nội cấp ngày 14 tháng 10 năm 2019 / Giấy phép SĐ, BS GP ICP số 2107/GP-TTĐT do Sở TTTT Hà Nội cấp ngày 13/7/2022.
© 2026 Index.vn
Production of bean sprouts using the toxin 6-Benzylaminopurine (6-BAP) has led to criminal proceedings in Lao Cai, authorities said, after police uncovered a facility supplying toxic sprouts to wholesale markets. On April 4, Lao Cai Provincial Police announced the indictment of Chu Thi Hoa (born 1990, from Phu Tho) for…
Resolv Protocol said it was hit by a sophisticated cyberattack on March 22, 2026, leading to a $25 million loss after attackers minted 80 million USR tokens without authorization. The incident involved compromised third-party access and activity across multiple infrastructure layers. Resolv has since contained the breach, revoked compromised credentials, and paused most protocol operations, while pre-hack USR holders are being compensated on a 1:1 basis, with most redemptions already processed.
Resolv said the attack began outside its own infrastructure. A contractor previously contributed to a third-party project that was separately compromised.
According to Resolv’s postmortem, the attackers obtained a GitHub credential tied to the contractor’s account. That credential provided access to Resolv’s code repositories.
Once inside, the attackers deployed a malicious GitHub workflow designed to extract sensitive infrastructure credentials without triggering outbound network detection. Resolv added that the attackers “removed their own access from the repository to minimize their forensic footprint” after retrieving the credentials.
The stolen credentials then enabled entry into Resolv’s cloud environment. Over several days, the attackers conducted reconnaissance, mapping services and probing for API keys associated with third-party integrations before moving toward execution.
Resolv said gaining signing authority over the minting key required escalation. Multiple escalation attempts failed due to existing access controls, but the attackers ultimately used “a higher-privileged role’s policy management capabilities to modify the key’s access policy directly, granting themselves signing authority.”
Resolv reported that real-time monitoring flagged the first anomalous transaction within approximately one hour of the initial mint. The team began preparing to pause contracts, halt backend services, and revoke compromised credentials.
At 05:16 UTC, all relevant smart contracts with pause functionality were fully paused on-chain. By 05:30 UTC, revoked credentials had severed the attackers’ cloud access entirely.
Resolv said “forensic logs confirm that the attackers had been active as recently as 05:15 UTC,” indicating containment occurred while the threat was still live.
In terms of damage control, Resolv stated that around 46 million of the 80 million illicitly minted USR has since been neutralized through burns and blacklisting.
Resolv engaged multiple external firms to support recovery and investigation, including Hexens for infrastructure forensics, MixBytes for smart contract audit, SEAL 911 for emergency coordination, and Hypernative for real-time monitoring. Resolv also said Mandiant and ZeroShadow are set to join the broader investigation.
For remediation, Resolv plans to replace CI/CD credentials with OIDC-based authentication. It also said it is implementing on-chain mint caps and oracle-based price validation for minting operations.
In addition, Resolv is developing automated emergency pause mechanisms connected to live monitoring to reduce the risk of delays in future incident response.
In brief\n\nBitcoin dropped to about $93,000, falling back below the EMA50 and putting its recent golden cross at risk of invalidation. The global crypto market cap stands at $3.15 trillion, down 2.38% in 24 hours. On Myriad Markets, 82% of the money is betting on Bitcoin pumping to $100K before…
