Saga has paused its SagaEVM chain following a wise contract exploit that resulted within the lack of roughly $7 million in bridged property.
Abstract
- Saga paused its EVM chain after detecting a confirmed exploit.
- The incident affected a single chainlet whereas the broader community stayed operational.
- A full autopsy shall be revealed after remediation is full.
Saga has halted its SagaEVM chain after bridged property had been misplaced attributable to a wise contract exploit. This has prompted an ongoing investigation and remediation course of.
In a press release launched on X on Jan. 21, Saga confirmed the incident, stating that an exploit on the chainlet brought on SagaEVM to be paused at block peak 6,593,800.
What occurred and what was affected
In accordance with Saga’s investigation replace, attackers executed a coordinated sequence of contract deployments and cross-chain transactions earlier than withdrawing liquidity and transferring funds to the Ethereum (ETH) mainnet.
Practically $7 million value of property, together with USDC, yUSD, ETH, and tBTC, had been bridged out and later transformed. Saga stated it’s working with exchanges and bridge operators to blacklist the handle and restrict additional motion of funds.
The impression was restricted to the SagaEVM chainlet, together with the Colt and Mustang environments. Saga confirmed that its SSC mainnet, protocol consensus, validators, and different chainlets weren’t affected. The group additionally said there was no consensus failure, validator compromise, or signer key leakage.
SagaEVM stays paused whereas engineers analyze archive information and execution traces to find out the total scope of the incident.
Mitigation efforts and subsequent steps
Saga stated the choice to pause the chain was made to stop additional impression whereas mitigation measures are accomplished. Because the pause, the group has restricted associated cross-chain exercise, added safeguards to dam related assault patterns, and continued forensic evaluation with safety companions.
The chain will keep offline till remediation is completed and the group is assured no further danger stays. After findings are finalized and verified, Saga plans to launch a complete technical autopsy.
As hackers proceed to focus on good contracts and cross-chain infrastructure, the incident provides to the rising record of cryptocurrency exploits noticed in late 2025 and early 2026. Saga stated it would proceed to share updates as confirmed particulars develop into accessible.
