Saga, a layer-1 network, has halted its SagaEVM operations after it suffered an exploit that drained nearly $7 million in tokens, which were later bridged and converted to Ethereum. The tokens involved in the compromise remain undisclosed for now.
In an official X post, the blockchain protocol announced on Wednesday that it had paused the Ethereum-compatible chain at block height 6,593,800 in response to the exploit.
At the press time, ETH is trading at $3,004.98, up nearly 1.3 percent as compared to the same time last day.
Saga claims that in addition to the SagaEVM chainlet, the platform’s other stablecoins, Colt and Mustang, were also impacted by the incident.
For now, the chain will remain suspended until the technical and security teams do more research and provide their comprehensive post-mortem.
The network’s team also stated that they are “working with exchanges and bridges to blacklist the address” and that they have located the attackers’ wallet address where the stolen tokens were wired.
The incident comes against the backdrop of a rise in security breaches and hacks in the crypto space, with the industry still trying to swallow the MakinaFi exploit that took place just 48 hours ago.
Saga reveals cause of breach
During its ongoing investigation, Saga revealed that the recent security incident involved a coordinated sequence of contract deployments, cross-chain activity, and liquidity withdrawals.
Crucially, however, the group was able to verify that there was no failure of consensus, validator compromise, or leakage of the signer key, indicating that the overall Saga network is potentially safe.
Though this exploit illustrates the complexity of threats faced by contemporary blockchain systems, the basic functionality of the network remains unaffected. The team is presently working to secure users, establish trust, and make it possible for the system to function in the aftermath of the attack.
Market views on the Saga security breach
Despite Saga network releasing a comprehensive reason and status-quo of the breach, market participants have given their own two cents on the possible premise of the attack.
A security expert on X suggested that the exploit might have let a bad actor mint unlimited Saga Dollars. The stablecoin witnessed depegging following the breach, pulling down the stablecoin’s value by 24 percent to claim the price point of $0.7557, as per CoinGecko.
Source: CoinGecko
Researcher Vladimir S claimed that the attacker used a helper contract to send custom messages to IBC mechanisms.
The move likely helped the attacker in getting around validation in the bridge logic. The reroute later helped in taking $D tokens “out of thin air” without any collateral.
On the other hand, on-chain investigator Specter suggested a different approach, saying that a private key compromise might be involved, though he admitted that he doesn’t have all the information.
Saga exploit highlights crypto security risks
The Saga breach comes at a time when crypto security is under intense scrutiny. Chainalysis reported that over $3.4 billion was stolen in 2025 alone, with large, high-profile hacks driving much of the loss.
Vulnerabilities in smart contracts, bridges, and DeFi protocols continue to expose the risks of the space.
The Saga exploit also stands as the second major attack of 2026 with investors still waiting for updates on MakinaFi exploit.