Login
Sign Up
Woofun AI reports that Gnosis Pay published a post-incident analysis on June 1, identifying a flaw in the Zodiac module's ERC-1271 signature verification logic as the root cause of a security breach. The vulnerability allowed attackers to forge approvals by deploying contracts that returned "valid" status despite failing calls, leading to unauthorized fund withdrawals. Introduced in Zodiac version 3.4.0 in October 2023, the issue was resolved on June 5. Attackers stole approximately $1.5 million from 5,281 wallets, comprising $641,000 in GNO, $453,000 in EURe, and $399,000 in USDC.e, while an additional $300,000 remains locked in inaccessible accounts. Gnosis Pay announced plans to expand its security team, engage external audits, and has completed a full product rebuild (version 2) to strengthen security protocols.