Gnosis is addressing a security issue with its Gnosis Pay service. Hackers took advantage of a weakness in a feature called the Zodiac Delay Module. According to co-founder Martin Köppelmann, Gnosis will reimburse anyone impacted by the breach.
The company requested that those who verify transactions on its network temporarily halt related activity while it worked to minimize the impact of a security issue. Initially, Köppelmann alerted users to an ongoing hack affecting Gnosis Pay and a feature called the ‘delay module.’ He assured them that the company would cover any losses incurred and asked for patience while they worked to resolve the situation.
We removed a previous tweet that advised users to withdraw their funds. While most users won’t be able to complete withdrawals, we’re working hard to limit any negative impact. We’re confident we can resolve most of the issues, and we guarantee everyone will be fully reimbursed.
— koeppelmann (@koeppelmann) June 1, 2026
He also explained that a previous message telling users to withdraw their money had been removed. He stated that while most users won’t be able to withdraw funds, they are working hard to limit the impact of the situation. They are confident they can resolve most of the issues, and they guarantee that all users will be fully compensated.
Anatomy of the Zodiac Delay flaw
Gnosis Pay lets you spend your cryptocurrency in everyday life by connecting your self-custody crypto wallet to a Visa debit card. It keeps your crypto secure using advanced ‘Safe’ wallet technology and flexible, customizable programming.
The Zodiac Delay Module is a key security feature. It’s a smart contract that intentionally introduces a waiting period between when a transaction is requested and when it’s completed on the blockchain. This delay gives security systems time to review the transaction and block any that appear suspicious or unauthorized.
But the attacker found a weakness in how the security feature was built, effectively reversing its purpose. This flaw let their tool skip the usual security checks and directly send transactions from Safes using the affected module.
When the attack began, Köppelmann pointed out that most regular users wouldn’t be able to move their funds to safety on their own. The Gnosis team reacted quickly by working with the networks that validate transactions to halt all transfers out of the system, effectively blocking the attacker’s ability to steal funds.
Delay module faces new scrutiny
As of today, Gnosis Pay hasn’t announced the total financial losses from the recent security issue. They also haven’t released a detailed explanation of how the breach happened, so it’s currently unknown how many users were impacted. The team is still working to confirm that all malicious activity has ceased.
This event has also highlighted potential dangers with payment systems that rely on smart contracts. Gnosis Pay allows users to spend cryptocurrency in daily transactions by linking their self-custody wallets to a Visa card.
This system lets people use cryptocurrency for everyday purchases, but it also creates a risk: flaws in security settings or the software code could lead to financial losses.
Recent attacks add context
This new security issue follows a recent attack on systems connected to Gnosis Safe. Hackers previously stole around $3 million from 86 Safe wallets on Ethereum and Base, as reported by blockchain security company Blockaid. Blockaid identified a flaw in a component called SquidRouterModule as the cause of that earlier hack.
Blockaid discovered that hackers exploited a weakness in the `executeSameChainActions()` function. This let them impersonate authorized users and approve transactions they shouldn’t have. They then converted the stolen money into DAI using Uniswap V3 liquidity pools they controlled.
Gnosis has been working to get back funds lost in previous hacks. In April, they successfully recovered $9.4 million stolen during the Balancer hack in November 2024 by performing a hard fork on the Gnosis Chain. These recovered funds are now held in a wallet managed by the community, who are currently discussing how to best distribute them.
These events show how difficult it is for cryptocurrency systems to keep users safe, remain decentralized, and react quickly when problems happen.
Read More
- Off Campus Season 1 Soundtrack Guide
- 46 Years Later, The Mandalorian & Grogu Answers A Major Empire Strikes Back Question
- X-Men ’97 Finally Gave Gambit the Hero Moment He Deserved
- Chainsaw Man Volume 24’s Cover Art Reveals a Brand-New Denji
- 10 Worst End-Game Couples In Sitcom History
- HoI4 fans harsh reactions to the announcement of another DLC pack
- Hatsune Miku cosplayer goes viral selling $15 cups of “foot juice” to thirsty anime fans
- Dragon Quest II HD-2D Remake: Where to get the Magic Key
- DoorDash responds after customer uses AI to make food look bad and get a refund
- Katanire’s Yae Miko Cosplay: Genshin Impact Masterpiece
2026-06-01 16:23