Confirmation of fraudulent contract implementation and cross-chain transactions with SagaEVM
On January 21, it was announced that a security incident involving Saga’s Ethereum-compatible chain “SagaEVM” had been confirmed and the chain had been temporarily suspended.
Saga is a layer 1 blockchain with a mechanism called ‘chainlet’ that provides an independent blockchain environment for each application. Developers can deploy special chains on Saga for applications such as games and decentralized finance (DeFi). Saga EVM, which was affected this time, is one of the chainlets compatible with Ethereum.
According to Saga, this incident involved a series of fraudulent behavior combining multiple contract implementations, cross-chain transactions and liquidity withdrawals. Saga EVM was shut down at block height 6,593,800 to facilitate investigation and response.
Chainlets were affected, and the stablecoin-related protocols that Colt and Mustang used on the same chain were also affected. On the other hand, no impact has been confirmed on the Saga SSC mainnet, protocol consensus, validator security or other chainlets.
According to the company’s announcement, as a result of this incident, approximately $7 million (approximately 1.09 billion yen) worth of crypto assets (virtual currency), including USDC ($1.00), yUSD, ETH ($2,861.97), and tBTC, were transferred to the Ethereum mainnet. The operator’s wallet address has been identified as “0x2044697623afa31459642708c83f04ecef8c6ecb”, and Saga is working with exchange and bridge operators to blacklist the address and recover assets.
Saga explains that no consensus failures, validator compromises, or signature key leaks have been confirmed in this incident. The overall network structure of the project has been maintained.
Currently, Saga EVM is still inactive and the company’s technical and security teams are conducting a detailed forensic investigation using archived data and execution traces. Additionally, the company said it has taken additional measures to prevent similar attack patterns.
Looking ahead, Saga plans to identify and resolve the cause, strengthen related components, and release a comprehensive post-mortem with technical details once the investigation is complete.
In response to security incidents, Saga has stated a policy of gradually sharing only confirmed facts, stating that “accuracy and user safety will be our top priority during the investigation.”
SagaEVM remains on pause while we finalize the results of our investigation into the January 21 exploit.
We are working with partners on recovery and will publish a post-mortem once the findings have been fully validated. $7 million in USDC was bridged and converted into ETH.
The funds raised were…
— Saga ⛋ (@Sagaxyz__) January 22, 2026
Reference: Saga
Image: PIXTA
Related news
- What’s happening with Web3 this year? “2026 Outlook” as told by 129 people leading the crypto-asset/blockchain industry
- L1 blockchain “Saga” mainnet launched, unique token “SAGA” broadcast
- Binance Launch Pool Starts Processing “Saga (SAGA)”
- The stablecoin platform “Noble” built by Cosmos SDK is moving to EVM layer 1
- Cosmos developer stops deploying EVM on “Cosmos Hub” and changes strategy
#Security #incident #Layer #Saga #SagaEVM #Million #Leaked #BitRss #Crypto #World #News