Saga Pauses SagaEVM After $7 Million Smart Contract Exploit
Saga has temporarily halted its SagaEVM chain following a confirmed smart contract exploit that resulted in the loss of approximately $7 million in bridged assets.
In a statement posted on Jan. 21, Saga said the exploit occurred on a single chainlet, prompting the network to pause SagaEVM at block height 6,593,800 as a precautionary measure. The broader Saga network remains operational.
Details of the exploit
According to Saga’s investigation update, attackers carried out a coordinated sequence of smart contract deployments and cross-chain transactions before withdrawing liquidity and transferring funds to the Ethereum mainnet.
The stolen assets included USDC, yUSD, ETH, and tBTC, which were bridged out and later converted. Saga said it is working with exchanges and bridge operators to blacklist the attacker’s addresses and limit further movement of the funds.
Saga confirmed that the incident was isolated to the SagaEVM chainlet, along with the Colt and Mustang environments. The company stressed that its SSC mainnet, protocol consensus, validators, and other chainlets were not affected, adding that there was no consensus failure, validator compromise, or key leakage.
Mitigation and next steps
Saga said the chain was paused to prevent further damage while remediation efforts are underway. Since the incident, the team has restricted related cross-chain activity, implemented safeguards to block similar attack patterns, and continued forensic analysis with security partners.
SagaEVM will remain offline until remediation is complete and the team is confident no additional risks remain. Once the investigation is finalized, Saga plans to publish a comprehensive technical post-mortem detailing the exploit and response.
The incident adds to a growing number of smart contract and cross-chain exploits observed in late 2025 and early 2026, as attackers continue to target decentralized infrastructure.
