The layer-one blockchain Saga has suspended its EVM network following a hack that resulted in the theft of $7 million in USDC.
SagaEVM has been paused at block height 6593800 in response to a confirmed exploit on the SagaEVM chainlet.
— Saga ⛋ (@Sagaxyz__) January 21, 2026
Mitigation is underway, and the team is fully focused on a solution.
Further updates will follow once details are confirmed.
The hackers transferred the funds through a cross-chain bridge and converted them into Ethereum. The team has already identified the hacker's wallet.
“The attack was a coordinated sequence of actions: deploying smart contracts, conducting cross-network operations, and subsequently withdrawing liquidity,” the project stated in its blog.
Consequences
The incident affected only SagaEVM and two of the platform's stablecoins — Colt and Mustang. Both stablecoins lost their peg to the dollar.
Another dollar-pegged asset from the project, identified by the ticker D, also experienced a depeg, dropping to $0.70.
Source: CoinGecko.In the wake of the hack, the price of the SAGA token fell by 5.2% to $0.05.
Hourly chart of SAGA/USDT on Binance. Source: TradingView.
The main Saga SSC network, consensus mechanism, and validators remain secure.
The project team is working with exchanges and bridge operators to recover the stolen funds. SagaEVM will resume operations once the developers complete their investigation into the incident.
Possible Causes
Cybersecurity expert Vladimir S. suggested that the attacker exploited a vulnerability in the Saga Dollar smart contract.
Saga EVM has been exploited for $7 million!
— Vladimir S. | Officer's Notes (@officer_secret) January 21, 2026
An attacker minted D tokens (Saga Dollar) out of thin air with a helper contract that abused IBC mechanisms with custom messages.
Exploit Contract: https://t.co/Mv95cI2Ixf
Attacker: https://t.co/OCLoWB30LBhttps://t.co/MeyFZqcNhr… pic.twitter.com/3ekVOkaRhY
“By creating custom messages or data, the contract bypassed checks in the bridge precompile logic, allowing for unlimited issuance of D tokens without any collateral,” he explained.
Blockchain analyst known as Specter speculated that the attack might have resulted from a compromised private key.
This week, the DeFi protocol Makina Finance also suffered a hack, with approximately $5 million stolen from one of its stablecoin pools.
It is worth noting that in 2025, the total amount stolen reached $3.4 billion, the highest since 2022. Three incidents, including the $1.46 billion hack of Bybit, accounted for 69% of all losses.
Immunefi CEO Mitchell Amador concluded that nearly 80% of cryptocurrency projects cease to exist after major attacks.