Close Menu
    Home / About / Advertise / Contact
    News

    Gnosis Commits to Complete User Reimbursement Following Gnosis Pay Security Incident

    Oliver DaleBy No Comments3 Mins Read

    Key Takeaways

    • Full user reimbursement confirmed by Gnosis following payment platform exploit
    • Security vulnerability in Zodiac Delay Module sparks immediate response measures
    • Emergency containment procedures deployed across compromised Safe infrastructure
    • Payment system users encounter exposure following delay module security gap
    • Incident highlights ongoing security challenges in smart contract payment platforms

    Following the discovery of a critical vulnerability in the Zodiac Delay Module, Gnosis initiated emergency protocols to address a security compromise affecting Gnosis Pay. The incident impacted payment accounts built on Safe infrastructure, prompting immediate protective measures. The company has committed to providing complete reimbursement to all affected users who experience financial losses.

    Critical Vulnerability Discovered in Zodiac Delay Module

    The security incident originated when malicious actors identified and exploited a critical weakness within the Zodiac Delay Module integrated into Gnosis Pay infrastructure. This module typically enforces a time delay before executing specific outbound transactions as a security measure. However, the discovered flaw enabled unauthorized parties to bypass these protections and execute transactions from Safes utilizing the compromised module.

    The Gnosis Pay platform operates by connecting Safe smart account technology with traditional payment card networks, enabling cryptocurrency-to-fiat spending. The architecture incorporates various modular components designed to facilitate account management and transaction processing. Unfortunately, a security weakness in one specific module created immediate vulnerability for users maintaining balances in EURe and GNO tokens.

    Martin Köppelmann, co-founder of Gnosis, publicly acknowledged the vulnerability’s connection to the delay module mechanism. He emphasized that the exploit granted attackers the capability to trigger unauthorized transactions from vulnerable Safe accounts. The development team immediately classified the situation as an active security emergency requiring urgent user attention.

    Emergency Response Protocols Activated

    As the exploit’s scope became apparent, Gnosis implemented comprehensive containment measures to limit potential damage across affected infrastructure. The organization coordinated with bridge validators to temporarily suspend related operations, effectively restricting potential pathways for unauthorized fund transfers. This strategic pause provided the investigation team with critical time to assess the breach’s full impact.

    The company simultaneously issued urgent guidance advising users to immediately withdraw their EURe and GNO holdings wherever technically feasible. Köppelmann subsequently acknowledged that manual withdrawal procedures might prove impractical for many users given the circumstances. Consequently, the Gnosis team prioritized implementing infrastructure-level protective measures to minimize ongoing exposure risk.

    Blockchain security firm PeckShield independently issued warnings regarding the active exploitation campaign targeting Gnosis Pay users. The firm strongly recommended that potentially affected users immediately assess their risk exposure and secure their assets through withdrawal. Throughout the incident, Gnosis maintained its commitment to fully compensate users for any losses directly attributable to the security breach.

    Incident Raises Questions About Payment Platform Security

    As of this writing, [[LINK_START_2]]Gnosis[[LINK_END_2]] has not disclosed the total financial impact resulting from the security compromise. The organization has yet to publish a comprehensive technical analysis detailing the exploit methodology. Additionally, the precise number of compromised accounts remains undisclosed pending ongoing investigation.

    This incident intensifies scrutiny surrounding smart contract-based payment infrastructure security. Gnosis Pay’s value proposition centers on bridging self-custodial cryptocurrency wallets with Visa network integration for everyday purchases. While this model provides users with enhanced financial sovereignty, it simultaneously creates dependencies on secure permission management and module integrity.

    The breach also occurs within a broader pattern of security incidents affecting Safe ecosystem components. Earlier, Blockaid documented a separate $3 million theft affecting 86 Safe wallet users across Ethereum and Base networks. These recurring incidents underscore how third-party modules can introduce significant security vulnerabilities within cryptocurrency payment systems and wallet infrastructure.

     

    ✨ Limited Time Offer

    Get 3 Free Stock Ebooks

    Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.

    • Top 10 AI Stocks - Leading AI companies
    • Top 10 Crypto Stocks - Blockchain leaders
    • Top 10 Tech Stocks - Tech giants
    📥 Get Your Free Ebooks
    Free Stock Ebooks
    Share.

    Oliver Dale is Editor-in-Chief of MoneyCheck and founder of Kooc Media Ltd, A UK-Based Online Publishing company. A Technology Entrepreneur with over 15 years of professional experience in Investing and UK Business.His writing has been quoted by Nasdaq, Dow Jones, Investopedia, The New Yorker, Forbes, Techcrunch & More.He built Money Check to bring the highest level of education about personal finance to the general public with clear and unbiased reporting.oliver@moneycheck.com

    KO Stocks

    Related Posts

    Add A Comment

    Comments are closed.

    No KYC. 70% Rakeback & 10% Cashback, Exclusive Thrill Originals!