Saga Halts Blockchain After $7 Million Security Exploit Depegs Stablecoin

TLDR

• Saga’s SagaEVM chainlet was paused after a $7 million exploit that saw funds bridged out and converted to Ether
• The attack caused Saga’s dollar-pegged stablecoin to drop to $0.75 and total value locked to fall 55% from $37 million to $16 million
• Security researchers suspect the exploit involved minting unlimited Saga Dollars through custom messages that bypassed bridge validation
• Saga identified the attacker’s wallet address and is working with exchanges and bridges to blacklist it
• The broader Saga network infrastructure remains unaffected with no validator compromise or consensus failure

Layer-1 blockchain protocol Saga paused its SagaEVM chainlet on Wednesday after a security exploit drained nearly $7 million in funds. The attack caused the platform’s dollar-pegged stablecoin to lose its peg and drop to $0.75.

The Saga team announced the pause at block height 6,593,800 after detecting suspicious activity. The exploiter bridged the stolen funds out of SagaEVM and converted them to Ether.

According to Saga’s investigation, the exploit involved a coordinated sequence of contract deployments and cross-chain activity. The attacker was able to extract funds through liquidity withdrawals across multiple chains.

The platform’s total value locked dropped from over $37 million to $16 million in 24 hours, according to data from DefiLlama. This represents a 55% decline in assets held on the protocol.

Saga’s primary stablecoin, Saga Dollar, depegged on Wednesday at around 10:16 pm UTC. The stablecoin’s price fell to $0.75 from its intended $1.00 peg, based on data from CoinGecko.

The platform’s other stablecoins, Colt and Mustang, were also affected by the exploit. The team said the chainlet will remain paused until engineering and security teams complete their investigation.

Investigation Points to Bridge Vulnerability

Security researcher Vladimir S suggested the attacker minted Saga Dollars without collateral. He said the exploit used a helper contract that abused Inter-Blockchain Communication mechanisms with custom messages.

The custom messages reportedly bypassed validation in the precompile bridge logic. This allowed the minting of tokens without providing any backing assets.

Another on-chain investigator, Specter, speculated the exploit might result from a private key compromise. However, they noted there was limited information available at the time.

Saga has identified the wallet address where the stolen funds were sent. The team is working with exchanges and bridge operators to blacklist the address.

The protocol stated there was no consensus failure or validator compromise. Saga said its SSC mainnet and core consensus layer remain structurally sound.

Response and Security Measures

The Saga team said they have launched additional safeguards to prevent similar attacks. They plan to publish a full post-mortem once findings are validated.

The team confirmed there was no evidence of leaked signer keys. The broader Saga network infrastructure was not affected by the security incident.

Saga is coordinating remediation efforts with partners across the ecosystem. The investigation continues as teams work to understand the full scope of the exploit.

The breach occurred during a period of elevated crypto theft in 2025. Chainalysis estimates total losses exceeded $3.41 billion this year, up from $3.38 billion in the previous year.

The post Saga Halts Blockchain After $7 Million Security Exploit Depegs Stablecoin appeared first on CoinCentral.