Gnosis Pay Exploit Targets Delay Module, User Losses Expected

Gnosis Pay Exploit Targets Delay Module, User Losses Expected

First seen 1 Jun 2026, 14:52 UTC Theblock.CoThedefianthelp.gnosispay.comEn.BloomingbitBitget+1 78% similarity 69.0

Article Content

Browse articles
ThreatCluster

Gnosis Pay experienced an exploit on June 1, 2026, affecting its delay module, which controls transaction permissions for users' Safe wallets. Co-founder Martin Köppelmann confirmed that the attacker could initiate transactions from wallets utilizing this module. Gnosis has pledged to cover all user losses, though the exact amount taken and number of affected accounts remain undisclosed. The exploit follows a recent incident where $3 million was drained from 86 Safe wallets due to a separate vulnerability. Gnosis is actively working to contain the damage and has requested bridge validators to pause operations to limit further losses. Blockchain security firm PeckShield has advised users to check their exposure and withdraw funds where possible. The incident highlights vulnerabilities in smart contract-based payment systems, emphasizing the need for robust security measures.

Key Points: • Gnosis Pay's delay module exploit allows unauthorized transaction initiation from Safe wallets. • Gnosis has committed to reimbursing all affected users, though the extent of losses is still unclear. • This incident follows a previous exploit draining $3 million from 86 Safe wallets.

ThreatCluster AI

Timeline

2026-06-01
Gnosis Pay exploit confirmed
An exploit targeting the delay module of Gnosis Pay was confirmed by co-founder Martin Köppelmann, affecting user transactions.
Thedefiant
2026-06-01
Gnosis pledges to cover user losses
Gnosis announced it would fully reimburse users affected by the exploit, although the total losses remain undisclosed.
Theblock.Co
2026-06-01
PeckShield warns users
Blockchain security firm PeckShield alerted Gnosis Pay users to check their exposure and withdraw funds where possible due to the ongoing exploit.
En.Bloomingbit
Recent
Previous exploit reported
A separate incident drained $3 million from 86 Gnosis Safe wallets due to a vulnerability in a third-party module.
Theblock.Co

Community

Browse all →