Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Gillibrand pushes crypto ethics ban after Trump’s $1.4b memecoin disclosure 

    July 4, 2026

    Do Kwon and US gov’t ask to delay legal filings for a third time

    July 4, 2026

    KZG Ceremony Special Contributions | Ethereum Foundation Blog

    July 4, 2026
    Facebook X (Twitter) Instagram
    Cryptify Now
    • Home
    • Features
      • Typography
      • Contact
      • View All On Demos
    • Typography
    • Buy Now
    X (Twitter) Instagram YouTube LinkedIn
    Cryptify Now
    You are at:Home » Gnosis Pay reveals hidden flaw behind $1.5 million crypto hack
    Crypto

    Gnosis Pay reveals hidden flaw behind $1.5 million crypto hack

    James WilsonBy James WilsonJuly 4, 2026No Comments4 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email



    Gnosis Pay has revealed that a software flaw dating back to October 2023 enabled the $1.5 million exploit of its card safe infrastructure, while confirming that all affected users have been fully reimbursed.

    Summary

    • Gnosis Pay traced its $1.5 million hack to a Zodiac software flaw that had existed since October 2023.
    • The company reimbursed all affected users, restored services within days, and continues recovering about $300,000.
    • The incident adds to growing scrutiny of crypto security as firms and governments respond to rising cyber threats.

    According to a postmortem published by Gnosis Pay on Friday, the vulnerability was traced to version 3.4.0 of the Zodiac smart contract framework and had remained undiscovered since Oct. 30, 2023.

    The company said the weakness was exploited on June 1, allowing attackers to gain control of about $1.5 million in digital assets held across its decentralized self-custodial payment network.

    The report states that Gnosis Pay’s monitoring systems, operated by treasury manager NOCA, detected the first unauthorized transfer at 06:17 UTC on June 1. Engineers identified the root cause within two hours of the initial alert, after which the company suspended card services, temporarily halted its bridge to Gnosis Chain, and shared attacker wallet addresses with stablecoin issuers to help trace the stolen funds. Gnosis Pay also notified external projects that could have been exposed to the same vulnerability.

    On 1 June, Gnosis Pay experienced a security incident affecting card accounts. All affected balances were restored.

    Post-mortem here: https://t.co/2QZhQG4ndr

    — Gnosis Pay 💳 (@gnosispay) July 3, 2026

    Funds restored after staged recovery

    Following the incident, Gnosis Pay restored customer access in several phases. The company said the first affected accounts regained access to their balances and payment cards by the night of June 3 after new card-safe modules had been deployed. Installation continued over the following days, restoring service for 99% of users by June 6, while the remaining accounts were recovered shortly afterward.

    Gnosis Pay said it absorbed the financial losses itself, leaving customers with no losses from the exploit. According to the postmortem, the attackers stole mostly GNO, EURe, USDC.e, and several other digital assets. The company added that roughly $300,000 worth of assets had not yet been recovered and recovery efforts remain ongoing.

    The report also disclosed that 5,281 wallets holding at least $1 were affected by the exploit. Gnosis Pay published the attacker’s wallet address used during the incident, identifying it as 0x5a7…7a35, while explaining that the exploit targeted two components within its card safe infrastructure, the Delay Module and the Roles Module.

    Smart contract exploits continue to pressure crypto platforms

    The disclosure comes as security incidents continue to affect crypto infrastructure providers. As crypto.news reported earlier, Humanity Protocol recently confirmed it is repositioning toward enterprise artificial intelligence products after a $36 million exploit accelerated an internal restructuring that had already been under consideration for several months.

    During an interview, Humanity Protocol founder Terence Kwok said the company had been reviewing its long-term direction for six to nine months before the breach. He explained that the exploit sped up those plans, while adding that digital identity will remain central because enterprise AI systems will require reliable ways to verify people and credentials.

    Meanwhile, concerns over crypto-related cybercrime have also reached government leaders. Earlier, G7 leaders issued a joint statement after their summit in Evian-les-Bains, France, calling for coordinated action against North Korea’s cryptocurrency thefts and cybercrimes.

    The statement linked the issue to long-standing concerns that stolen digital assets have helped finance Pyongyang’s nuclear and ballistic missile programs under international sanctions, a claim repeatedly supported by Western governments and blockchain analytics firms.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleDid BSTR get its bitcoin from Tether?
    Next Article KZG Ceremony Special Contributions | Ethereum Foundation Blog
    James Wilson

    Related Posts

    Gillibrand pushes crypto ethics ban after Trump’s $1.4b memecoin disclosure 

    July 4, 2026

    Upbit rejects Open USD role after stablecoin partner claims

    July 4, 2026

    Shielded Labs warns Ironwood delay could disrupt Zcash upgrade

    July 4, 2026
    Leave A Reply Cancel Reply

    Top Posts

    Token unlocks worth over $229m put HYPE, ENA and RED on watch

    May 4, 2026

    Conference, Alpha Testnet and Ether Pre-sale Updates

    May 4, 2026

    DWF Labs-backed USDf depegs as red flags raised over quality of backing

    May 4, 2026

    Cardano adds Scorechain support, will ADA price react next?

    May 4, 2026
    Don't Miss

    Gillibrand pushes crypto ethics ban after Trump’s $1.4b memecoin disclosure 

    By James WilsonJuly 4, 2026

    President Donald Trump’s crypto income disclosure has intensified Senate ethics demands as lawmakers debate the…

    Do Kwon and US gov’t ask to delay legal filings for a third time

    July 4, 2026

    KZG Ceremony Special Contributions | Ethereum Foundation Blog

    July 4, 2026

    Gnosis Pay reveals hidden flaw behind $1.5 million crypto hack

    July 4, 2026
    Stay In Touch
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    Demo
    About Us
    About Us

    CryptifyNow: Your daily source for the latest insights, news, and analysis in the ever-evolving world of cryptocurrency.

    X (Twitter) Instagram YouTube LinkedIn
    Our Picks

    Gillibrand pushes crypto ethics ban after Trump’s $1.4b memecoin disclosure 

    July 4, 2026

    Do Kwon and US gov’t ask to delay legal filings for a third time

    July 4, 2026

    KZG Ceremony Special Contributions | Ethereum Foundation Blog

    July 4, 2026
    Lithosphere News Releases

    This feed has expired. Please contact us for pricing options.

    May 5, 2026
    Copyright © 2026

    Type above and press Enter to search. Press Esc to cancel.