Key Highlights
- Saga emergency-halted the SagaEVM chain at block 6,593,800 on January 21 after detecting a $7M smart contract exploit to prevent further losses.
- The exploit affected the SagaEVM chainlet, including the Colt and Mustang environments, where funds were drained.
- Stolen funds, including USDC, ETH, yUSD, and tBTC were quickly bridged out of SagaEVM to Ethereum.
Layer-1 blockchain project Saga was forced to pull the plug on its primary EVM environment. On January 21, security teams detected an anomaly in the SagaEVM chain, prompting the team to halt the network at block height 6,593,800 to prevent further losses.
The exploit drained nearly $7 million in USDC, yUSD, ETH, and tBTC, that were transferred to Ethereum Mainnet.
In a public update, Saga said the attacker carried out a coordinated operation involving contract deployments, liquidity movements, and cross-chain transactions. Saga confirmed the exploiter’s wallet as “0x2044…c6ecb” and said it is coordinating with exchanges and bridge operators to blacklist the address and limit further movement of funds.
Saga says the main network is safe
Saga emphasized that the exploit specifically compromised the SagaEVM chainlet, including the Colt and Mustang environments.
The project said its SSC mainnet remains fully operational and that the incident did not compromise validator security, the protocol’s consensus layer, or other Saga chainlets. “There is no evidence of leaked keys, validator breaches, or broader network failure,” the team said.
“We recognize that a pause is disruptive, but the safety of our community comes first,” Saga said in its investigation update. Engineering and security teams are now conducting a comprehensive forensic analysis using archive nodes and execution traces to determine the exact cause of the breach and to strengthen the affected components.
SagaEVM will remain offline until the investigation is complete and fixes are implemented. The company said it will release a detailed technical post-mortem outlining what happened, how it was addressed, and what safeguards are being introduced.
Another incident in a wave of hacks
The Saga exploit comes as crypto-related attacks continue to rise across the industry. On January 2, wallets across several EVM chains were hit by an apparent automated attack, with hundreds of users reporting sudden losses.
Blockchain investigator ZachXBT said total stolen funds had surpassed $107,000, though individual wallets lost under $2,000. The vulnerability behind those attacks remains unknown.
According to blockchain intelligence firm Chainalysis, more than $3.41 billion was stolen in crypto from January to early December, slightly higher than last year’s $3.38 billion, showing that crypto theft remains widespread.
These incidents add to a growing list of crypto exploits, as blockchain hacks and thefts continue to cost the industry billions of dollars each year.
Also Read: Makina Finance Hacked: MEV Bot Snipes 1,299 ETH in $4M Protocol Exploit
