Gnosis Confirms Gnosis Pay Exploit and Pledges Full User Reimbursement

• Gnosis confirmed an active Gnosis Pay exploit involving delay module.
• Company launched containment measures and pledged full user reimbursement.
• Latest incident follows recent wallet attack exploiting third-party module.

Gnosis co-founder and CEO Martin Köppelmann confirmed an active exploit affecting Gnosis Pay on Monday, prompting the company to launch emergency containment measures and reassure users that any losses would be fully covered.

According to Köppelmann, the attack involves the Zodiac delay module, a permission layer used within the Gnosis Pay ecosystem. The vulnerability reportedly allows attackers to initiate transactions from Safe wallets that contain the affected module. As a result, Gnosis began coordinating with bridge validators while working to limit further damage.

Blockchain security firm PeckShield also warned users about the exploit and urged affected parties to review their exposure. The alert added urgency to Gnosis’ response as investigators worked to determine the scope of the incident.

Earlier, Köppelmann had advised users to withdraw EURe and GNO from Gnosis Pay wallets. However, he later removed that message and issued an updated statement. He explained that many users would be unable to withdraw immediately while the company focused on containing the exploit.

Also Read: Hyperliquid Jumps 8% While Bitcoin and XRP Drive Crypto Market Higher

Gnosis Moves to Contain Vulnerability

Köppelmann stated that Gnosis believes it can limit most of the damage caused by the attack. He also assured users that the company would make affected customers whole regardless of the final loss amount.

The exploit centers on the Zodiac delay module, which is designed to queue transactions before execution. Investigators believe attackers leveraged weaknesses within that system to gain unauthorized transaction capabilities.

Meanwhile, Gnosis emphasized that the issue does not affect Safe’s core smart contracts. Although Gnosis Pay relies on Safe’s wallet infrastructure, the vulnerability exists within the Gnosis Pay environment rather than Safe itself.

Latest Incident Follows Recent Wallet Exploit

The security incident arrives only days after another attack affected wallets connected to the broader ecosystem. In that case, attackers drained approximately $3.2 million from 86 Gnosis Safe wallets through a third-party module known as SquidRouterModule.

Unlike the latest exploit, the earlier attack reportedly stemmed from weak identity validation controls within an unofficial module. That vulnerability enabled attackers to execute arbitrary calldata without requiring wallet signatures.

Safe became an independent company in 2022 after separating from Gnosis and raising $100 million. Nevertheless, the two organizations remain closely connected because Gnosis Pay relies on Safe’s self-custodial wallet infrastructure.

Gnosis has not disclosed the total value potentially affected by the latest exploit. Additionally, the company has not confirmed how much, if any, user funds have already been lost. Investigations remain ongoing as security teams continue assessing the full extent of the incident and implementing additional safeguards.

Also Read: Robert Kiyosaki Warns Bitcoin Dip Alone Is Not Investors’ Biggest Risk

The post Gnosis Confirms Gnosis Pay Exploit and Pledges Full User Reimbursement appeared first on 36Crypto.