- On Friday, Gnosis Pay released a detailed post-mortem report on the June 1 security incident, in which $1.5 million worth of funds was stolen from the platform.
- In the report, Gnosis Pay confirmed the vulnerability present in the Zodiac Delay and Roles Modules.
- The report comes after the Gnosis Pay CEO promised to cover all losses.
On July 3, Gnosis Pay, a self-custodial crypto debit card service built on Gnosis Chain using Safe smart wallets, shared a detailed post-mortem report related to a security incident that occurred on June 1.
What Happened on Gnosis Pay: Incident Details
In early June, Gnosis Pay experienced a major security exploit. Co-founder and CEO Martin Koppelmann also confirmed a vulnerability in the Zodiac Delay Module. The main flaw was in the ERC-1271 signature verification logic within the module, which only read the contract's return value without verifying whether the call had actually executed successfully.
The post-mortem report mentioned that “the attack was quickly detected by the treasury supervisor, NOCA, via their monitoring infrastructure. We immediately triggered our incident response protocol and identified the root cause within 2 hours.”
“The impact was isolated to the card Safe software module components (specifically the Delay and Roles Modules provided by Zodiac). To ensure containment during the active triage phase, we systematically paused card transaction processing, authorisation systems, and new user onboarding,” the report stated.
Attackers exploited this by deploying a contract designed to fail but still return a “valid” indicator. By doing this, the attackers forged authorization and withdrew funds from accounts they did not own.
The vulnerability was introduced with Zodiac code version 3.4.0 in October 2023 and was patched on June 5. Attackers stole roughly $1.5 million across 5,281 wallets, including about $641,000 in GNO, $453,000 in EURe, and $339,000 in USDC.e.
After the hack, Koppelmann said, “Please be patient while we try to contain the damage. Rest assured, Gnosis will cover all user losses.” A few days after the attack, most of the operations had been restored. The company claimed that it had recovered more than 99% of services and completed full user refunds.
Crypto Sector Faces Tough Time with a Series of Security Incidents
In the past few months, the crypto sector has faced a tough time with security problems. From April to June 2026, hackers stole hundreds of millions of dollars through clever attacks on DeFi platforms, bridges, and wallets. The series of hacks in 2026 has sparked fear across the entire crypto community, which is currently going through a bullish wave.
In April, cumulative losses across around 28 security incidents reached around $635 million. Two major attacks occurred that month, on Drift Protocol and Kelp DAO. On April 1, Drift Protocol, a Solana-based trading platform, was compromised and lost around $285 million. A few days later, Kelp DAO suffered a massive $292 million exploit through a bug in its LayerZero cross-chain bridge.
In May and June, the crypto sector also reported smaller-scale attacks, with losses dropping to roughly $80 million in May and $76 million in June across dozens of security incidents in each month. One of the major security incidents hit Humanity Protocol, where hackers stole around $36 million by compromising private keys on an infected developer machine.