Saga has introduced a pause of it’s Saga EVM blockchain in response to a hack which drained near $7 million earlier as we speak.
The scaling answer describes itself as a “gasless EVM environment that gives you the full Ethereum experience.” The broader Saga ecosystem purportedly contains web3 gaming, DeFi and AI brokers.
X consumer rukawa.eth raised the alarm shortly after the assault, with blockchain safety agency Decurity flagging the hack 4 hours later.
Saga’s official X account then confirmed the exploit, informing customers that the chain is paused.
SagaEVM has been paused at block top 6593800 in response to a confirmed exploit on the SagaEVM chainlet.
Mitigation is underway, and the crew is totally centered on an answer.
Additional updates will observe as soon as particulars are confirmed.
— Saga ⛋ (@Sagaxyz__) January 21, 2026
With scant particulars across the incident, the basis reason for the exploit stays unclear.
Based on Decurity’s alert, the attacker “minted D tokens (Saga Dollar) out of thin air with a helper contract that abused IBC mechanisms with custom messages.”
Nevertheless, “Onchain Investigator” Specter suggests the loss could also be all the way down to a personal key compromise.
Regardless of the trigger, blockchain information exhibits that the stolen funds had been bridged again to an Ethereum deal with as USDC.
As a way to keep away from being frozen, they had been then swapped for native ether (ETH) through KyberSwap, 1inch and CoW Swap. The deal with presently holds round 2,089 ETH, valued at simply over $6 million.
Different tokens, together with YieldFi’s yUSD and yETH totalling round $850,000 had been additionally bridged. These had been then deposited to Uniswap liquidity swimming pools.
Saga-based stablecoin D is down 25% because the hack, in keeping with CoinGecko information. The exploiter’s Saga EVM deal with nonetheless incorporates over 12 million D tokens.
DeFi hazard
As we speak’s incident is the newest in what appears to be a resurgence of DeFi hacks in current weeks.
Already this 12 months, over $30 million has been stolen by hackers, with the bulk ($26 million) misplaced by Truebit. Certainly, simply yesterday, a pair of assaults hit DeFi platform Makina and gaming/AI mission SynapLogic.
The pattern appeared to select up in the direction of the again finish of 2025, a 12 months principally dominated by bigger trade hacks.
Nevertheless, starting in December, a spate of older DeFi protocols have been focused, with some suspecting an AI-aided exploiter could also be dredging for beforehand unnoticed vulnerabilities.
