There’s no surprise among crypto investors and critics who woke up this morning to news of another crypto hack taking place over the weekend. The unregulated marketplace is becoming a safer haven than ever for cybercrime. Sure, it presents great returns to savvy investors that can navigate the space skillfully. But, the high likelihood of crime is something these investors must reckon with. A brand-new stablecoin, Acala Dollar (AUSD-USD), is the newest victim. An AUSD exploit is allowing hackers to throw the coin’s prices into disarray.

Stablecoins are already a touchy subject. This year, several projects have been thrown from their $1 pegs. Most notable is TerraClassicUSD (USTC-USD). The algorithmic stablecoin sent the entire crypto ecosystem into a steep plummet when high transaction volume threw its price equilibrium off.

The USTC event is one which lawmakers are referencing when discussing the needs for stablecoin legislation. And yet, it is not the only stablecoin to spark ire. Just last week, investors saw USD Coin (USDC-USD) developer Circle targeted by regulators. Its association with recently sanctioned crypto project Tornado Cash has lead to many thousands of USDC being frozen in sanctioned wallets. Not to mention past stablecoin controversies, like Tether’s (USDT-USD) ban in the state of New York.

And during a year when hacks have continued to grow in frequency and fiscal damage, it was only a matter of time before stablecoins fell victim. So what happened to brand-new AUSD? It seems a hacker was able to take advantage of a bug on the protocol and steal billions of tokens as a result.

Nearly 1.3B AUSD Tokens Stolen From Acala

Acala and the AUSD token make up the first stablecoin project on the Polkadot (DOT-USD) ecosystem. The project launched to much fanfare in 2022, bringing attention to Polkadot in late May with a $250 million fund for the Polkadot chain. Months later, the project is navigating one heck of a first road bump as it falls victim to a hack.

According to reports by CoinDesk, this hack was made possible by a bug in a new liquidity pool. On Sunday, Acala developers launched a pool containing AUSD and a crypto called iBTC (IBTC-USD). Exploiting the bug, the hacker minted a whopping 1.28 billion of new AUSD. They then moved it to a private wallet. Several other hackers took advantage of the bug, too, stealing thousands of dollars worth of DOT from the protocol.

As a result of the hack, investors are seeing the familiar sight of a stablecoin losing its $1 peg. AUSD is being hit very hard by the sudden hypergrowth of its total supply. The coin has lost over 99% of its value, with prices now below one cent. The hacker’s wallet still contains nearly all of the 1.2 billion worth of new AUSD.

Acala developers have moved swiftly to pause the network and freeze the hacker’s funds. With some luck, they can repossess and dispose of the new AUSD in order to restore parity to the token. Yet, the move is sparking some controversy, with investors wondering just how much truth there is to developers’ claims that Acala is a decentralized and censorship-free protocol.