Saga Hacked For $7 Million, Pauses SagaEVM Chain

Layer 1 protocol Saga suffered a safety exploit on its SagaEVM chain, draining almost $7 million and prompting the mission to pause the community. On the identical time, it finalizes its investigation and remediation efforts, in keeping with a weblog publish.

In response to on-chain evaluation, the attacker minted Saga Greenback (D) tokens with out collateral, bridged the belongings to Ethereum, and transformed a lot of them into over 2,000 ETH valued at greater than $6 million, with an extra $800,000 deployed into Uniswap V4 liquidity positions.

Saga halted the SagaEVM chain as soon as it recognized the incident on January 21 and has stored the chain stopped “out of an abundance of warning” whereas it assesses the total scope of the exploit, addresses the vulnerability, and reinforces total system safety.

SagaEVM stays paused whereas we finalize the outcomes of our investigation into the Jan 21 exploit.

We’re working with companions on remediation and can publish a autopsy as soon as findings are absolutely validated. $7M of USDC was bridged out and transformed to ETH.

Extracted funds had been…

— Saga ⛋ (@Sagaxyz__) January 22, 2026

“We’re working with companions on remediation and can publish a autopsy as soon as findings are absolutely validated,” Saga mentioned. 

The crew acknowledged that suspending the chain is disruptive for customers however emphasised that defending the neighborhood’s funds and the protocol’s integrity takes precedence. Saga mentioned it’ll launch an in depth technical autopsy as soon as remediation steps are completed and its conclusions are absolutely verified.

Protocol Working To Blacklist The Attacker

In response to Saga, it has recognized the pockets that obtained the extracted belongings.

Saga is coordinating with exchanges and bridge operators to blacklist the attacker’s deal with in an effort to restrict the motion of the stolen funds and assist any potential restoration measures. The crew can also be conducting a forensic evaluation utilizing archive information and execution traces to reconstruct the assault path.

Saga mentioned the incident didn’t have an effect on its broader infrastructure, together with the SSC mainnet or core consensus layer, and located no proof of validator compromise, consensus failure, or leaked signer keys.

The assault comes at a time when there’s a prevalence of crypto exploits, with information from Chainalysis saying that losses have been greater than $3.41 billion in 2025.

Associated Information:

Finest Pockets – Diversify Your Crypto Portfolio

Simple to Use, Characteristic-Pushed Crypto Pockets
Get Early Entry to Upcoming Token ICOs
Multi-Chain, Multi-Pockets, Non-Custodial
Now On App Retailer, Google Play
Stake To Earn Native Token $BEST
250,000+ Month-to-month Energetic Customers