Under normal protocols, a series of unnetworked transactions were discovered. BlockSec reported a violation, which led to a suspension of all normal smart contracts.
BlockSec has discovered a series of suspicious transactions derived from the usual protocol. The USD0 Synthetic Stablecoin issuer paused the protocol until the threat was removed.
@phalcon_xyz system detected a hack for @usualmoney. The protocol has been suspended. You can share the link here: https://t.co/syznkoysru
You can book a demo and learn how Phalcon can help protocols monitor hacking and take automated actions. https://t.co/uyvbhlowjh
– BlockSec (@blockSecteam) May 28, 2025
Within the first hour after exploit, the usual protocol Clearly No liquidity was emitted and user funds were not affected. Hackers’ revenue came from the arbitration between USD0++ and USD0, only $43,000.
The usual protocol focused on the fraudulent swap between USD0++ and USD0, bringing a hacker’s $43,000 profit. |Source: BlockSec
Exploits were linked to the main activities of the usual protocol, synthetic USD0, and the form of tokens as de facto bonds. Exploiter was able to achieve the allowed swap between the token bond form and the tradable USD0.
After that some of the funds from the exploits were exchange to Circle’s USDC via Uniswap v3. If USDC is frozen, there is no data yet.
Following the exploit, the regular tokens were traded around $0.12 as they were not affected by the hack.
The usual protocol was misused for the second time in a few days
The Chief Attack Vector of the normal protocol is a USD0++ token, which is the combined form of USD0. Switching two tokens is allowed, but the attacker was able to exchange assets at a 1:1 ratio.
In the open exchange, USD0++ and USD0 trade with the gap between $0.97 and $0.99 respectively. Previously, it was found in the project token. Hair removal It’s as low as $0.85.
The price difference between the bond form of staked tokens and the freely traded USD0 allowed the attacker to mediate the difference.
Researchers on the chain have shown that similar exploits have occurred in the past few days, but the usual protocol has remained mostly quiet about it.
The recent exploit cost only $42,973 in the form of USDC, but the possibility of repeated attacks has led to the usual protocol notifying and freezing smart contracts. The normal core protocol is still operating, with only affected smart contracts being suspended.
The usual purpose of recovering locked values
The regular protocol only has around $380 million in total locked value, falling from its $1.7 billion peak in January. The platform suffered from hair removal events in early 2025, with only limited demand for bond-based Stablecoin.
Staked USD0++ has a supply of about 569m tokens, while USD0 is a 635m token. Redemption between two assets can affect the evaluation and stability of the project.
The stake version of the token requires a four-year lockup and acts as a bond sold at a discount. Stablecoins are supported by tokenized assets issued by Ondo Finance, Hashnote, and BlackRock.
The usual protocol is one of the negative experiments in providing passive income. However, the project also has other tools to abandon piling assets. Small markets of curve finance are available. Over 87% of all USD0++ are traded.
Neither Stablecoin is listed in the major markets and relies on Uniswap or Curve Finance for its liquidity.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
