SagaEVM Network Halted After Nearly $7 Million Exploit

SagaEVM faced a $7M exploit, halting the network to mitigate damage and investigate the breach.

Fridah Kangai
January 23, 2026
11:50 am

Fridah Kangai

Fridah Kangai is a dedicated crypto journalist with a sharp eye for market trends, blockchain innovation, and digital asset movements. She specializes in breaking down complex topics into clear, engaging stories for both seasoned investors and curious newcomers. With a passion for decentralization and a pulse on the ever-evolving crypto space, Fridah delivers timely, accurate, and insightful coverage. Her work bridges the gap between technology and everyday understanding in the world of cryptocurrency.

SagaEVM suffers $7M exploit, halting network to prevent further damage.
Investigation ongoing as Saga works to blacklist exploiter’s wallet.
SagaEVM’s security breach reflects rising crypto theft across the industry.

Saga’s ecosystem faced fresh scrutiny after a security breach disrupted activity on its SagaEVM chain. In a statement posted on the project’s X page, the Exploit resulted in the unauthorized withdrawal of close to 7 million USDC. The attacker transferred the funds to chains and subsequently swapped them for ETH. Therefore, the team paused the SagaEVM network to avoid further losses and to contain the incident.

Shortly after irregular activity was spotted, Saga halted the chain at block height 6593800. The wallet address associated with the attacker was also revealed in the project: 0x2044…c6ecb. In addition to stopping the network, Saga began acting as a broker between exchanges and bridge operators. These initiatives are meant to block the speech and minimize further exposure. In addition, the team ensured that the remediation measures remain ongoing as the investigation continues.

Also Read: Hong Kong Moves Forward with Stablecoin Licensing in 2026

How the Exploit Unfolded on SagaEVM

Based on the project’s investigation update, this Exploit was a well-coordinated, technical series of actions. These measures involved the swift deployment of contracts, liquidity flows, and cross-chain systems. A combination of these actions enabled the attacker to withdraw money in a minimal amount of time. Importantly, Saga ensured that the event was confined to the SagaEVM chain.

Moreover, the team emphasized that the rest of its infrastructure remained intact. The SSC primary net and central agreement layer did not indicate any form of compromise. Saga also stated that they did not experience any evidence of validator failures, leaked signer keys, or consensus disruption. Therefore, the Exploit did not weaken the fundamental security systems of the protocol. This explanation was intended to assuage public fears.

Rising Crypto Theft Adds Pressure on Projects

The Saga incident adds to the growing losses in the digital asset industry. According to Chainalysis estimates cited by the project, crypto theft losses in 2025 surpassed $3.41 billion. This amount was slightly higher than the recorded 3.38 billion last year. Therefore, the task of strengthening monitoring and response mechanisms for blockchain teams still presses.

In the meantime, Saga affirmed that SagaEVM is in a holding position where results are being validated. Another thing the team observed is that a detailed post-mortem report should be prepared after the investigation is complete. Moreover, there is still cooperation with the external partners aimed at enhancing the protection. The steps reflect a broader industry trend toward faster containment and greater disclosure in the event of security incidents.

Also Read: Seeker Phone Users Can Claim SKR Tokens in Exclusive Airdrop – Don’t Miss Out!