Gnosis Pay Suffers $1.5 Million Exploit Due to ERC-1271 Vulnerability

Gnosis Pay Suffers $1.5 Million Exploit Due to ERC-1271 Vulnerability

First seen 3 Jul 2026, 22:13 UTC KucoinCryptonews 82% similarity 67.5

Article Content

Browse articles
ThreatCluster

On June 1, Gnosis Pay experienced a significant security incident due to a flaw in the ERC-1271 signature verification logic within the Zodiac Delay Module. This vulnerability allowed attackers to deploy contracts that falsely authorized fund withdrawals from 5,281 wallets, resulting in the theft of approximately $1.5 million, including $641,000 in GNO, $453,000 in EURe, and $399,000 in USDC.e. The flaw was introduced with Zodiac code version 3.4.0 in October 2023 and was patched on June 5. Gnosis Pay's incident response was swift, with the attack detected within two hours, leading to the isolation of affected systems. The company has committed to covering user losses and is expanding its security measures. The incident reflects a broader trend of cyberattacks in the crypto sector, which has seen hundreds of millions stolen in recent months.

Key Points: • Gnosis Pay lost approximately $1.5 million due to a vulnerability in ERC-1271. • The vulnerability allowed attackers to forge authorizations and withdraw funds from user accounts. • Gnosis Pay has committed to covering user losses and enhancing its security protocols.

ThreatCluster AI

Timeline

2023-10-01
Zodiac code version 3.4.0 released
The vulnerable version of the Zodiac Delay Module was introduced, containing the flaw in ERC-1271.
Cryptonews
2026-06-01
Security incident at Gnosis Pay
Attackers exploited a vulnerability in the ERC-1271 signature verification logic, leading to unauthorized fund withdrawals.
Cryptonews
2026-06-05
Vulnerability patched
Gnosis Pay patched the vulnerability in the Zodiac Delay Module to prevent further exploitation.
Kucoin
2026-07-03
Post-mortem report released
Gnosis Pay shared a detailed report on the incident, outlining the attack method and impact on users.
Cryptonews

Community

Browse all →