Sagaevm Exploit Halts SagaEVM Chain After $7M Breach

Following a severe sagaevm exploit that drained millions in user funds, the Saga team has temporarily halted its EVM chain while it addresses the breach.

SagaEVM chain halted after coordinated $7 million attack

The SagaEVM chain has been paused after a saga smart contract exploit drained nearly $7 million in assets, prompting the team to halt the network at block height 6,593,800. This decisive move aims to contain damage while engineers investigate the root cause and develop a secure fix.

According to initial findings, attackers executed a coordinated sequence of contract interactions and cross chain bridge exploit maneuvers to extract funds. Moreover, the operation appears to have been carefully scripted to evade basic on-chain monitoring tools and maximize the speed of withdrawals.

Funds bridged to Ethereum and attacker wallet response

The exploiters reportedly used a complex bridge to ethereum attack to move the stolen assets off the Saga network. In particular, they leveraged cross-chain functionality to route funds into the Ethereum ecosystem, where liquidity is higher and tracing becomes more challenging.

To limit further damage, the Saga team is working with centralized exchanges and infrastructure partners to enforce an attacker wallet blacklist. However, tracking these flows in real time remains difficult once assets disperse through multiple pools and addresses across chains.

Impact on Saga Dollar and total value locked

The breach triggered a sharp market reaction in Saga Dollar, the ecosystem’s core stable asset, which briefly dropped to about $0.75. This saga dollar depeg incident reflected shaken confidence as traders rushed to exit positions amid uncertainty over losses and recovery plans.

Moreover, the exploit immediately cut the protocol’s total value locked drop by more than half, as users withdrew liquidity or saw positions liquidated by the attack’s cascading effects. That said, this decline primarily affected the EVM chain’s DeFi layer rather than the underlying consensus infrastructure.

Core network security and next steps

Despite the disruption, Saga emphasized that its core network remains secure and operational, with the pause limited to the SagaEVM environment. The team stressed that critical consensus and base-layer validation processes were not compromised by the sagaevm exploit, which was confined to a vulnerable smart contract surface.

Looking ahead, Saga plans to complete a full forensic review, patch affected contracts, and work on recovery mechanisms where possible. However, any compensation, protocol redesign, or phased chain restart will likely depend on the outcome of the investigation and coordination with partners and affected users.

In summary, the incident marks a major test for Saga’s ecosystem resilience, but the rapid chain halt, exchange coordination, and focus on securing the core network suggest a structured response aimed at restoring user trust.