Gnosis Pay has attributed a $1.5 million hack to a hidden flaw in the Zodiac delay module, a smart contract component used to manage transaction timing on its payment platform.
What Gnosis Pay says caused the $1.5 million hack
The company pointed to a previously unknown vulnerability in the Zodiac module as the root cause of the exploit, according to reporting from Crypto.news. Gnosis Pay described the flaw as "hidden," meaning it was not caught during prior audits or internal reviews.
Gnosis Pay published a post-mortem on its official blog detailing the exploit mechanism. The Zodiac delay module is designed to enforce waiting periods on transactions, but the flaw reportedly allowed an attacker to bypass those protections.
It is important to note that this explanation comes from Gnosis Pay itself. Independent verification of the root cause remains incomplete, and readers should treat the company's account as its stated position rather than a confirmed finding.
What is known about the exploit's impact so far
The reported loss stands at $1.5 million. Beyond that headline figure, key details about the number of affected users, the exact attack path, and whether any funds have been recovered remain unclear.
Gnosis has previously pledged to cover user losses from the exploit, as reported by The Defiant. That commitment, if honored, would limit direct financial damage to users of the payment platform.
The broader Gnosis ecosystem has seen significant activity in recent months, including a move where a whale withdrew 20,520 ETH from Binance via Gnosis Safe, and the project's acquisition of HQ.xyz for $14.95 million to expand its ecosystem. The hack introduces a security question mark over a project that has been actively scaling.
What happens next for Gnosis Pay and affected users
Gnosis Pay's post-mortem is the primary document to watch. Users and security researchers can follow updates through the Gnosis Pay account on X for any further disclosures or remediation steps.
The key facts still needing independent confirmation include the exact vulnerability mechanism, whether the Zodiac module flaw affects other projects using the same component, and a full accounting of losses. Gnosis also operates infrastructure like the Gnosis Chain xDAI bridge, and users across the ecosystem will be watching for any broader security reviews.
Until third-party auditors or security firms corroborate the Zodiac flaw explanation, the $1.5 million exploit remains a story defined primarily by Gnosis Pay's own account.
Read original article on coinlineup.com