They claim the attack occurred due to a vulnerability in smart contracts related to SagaEVM's cross-chain transactions. According to a preliminary investigation, the attackers deployed several contracts and conducted cross-chain transactions. The assets lost included USDC, ETH, yUSD, and tBTC. The SSC mainnet is intact, validators are not compromised, and signer keys were not stolen, according to project representatives.

Unknown individuals transferred the bulk of the stablecoins to the Ethereum network, receiving over 2,000 ETH, and sold the remaining coins through the Uniswap V4 decentralized exchange. According to the developers, at the time the hack was reported, the stolen funds were located in wallet 0x2044697623afa31459642708c83f04ecef8c6ecb.

Crypto researcher Vladimir S. suggested that the attackers used a backing contract to bypass security checks and conduct unlimited minting of dollar-denominated stablecoins D (Saga Dollar) without any collateral.

During the attack, two stablecoins, Colt and Mustang, lost their link to the US dollar. The total value of locked funds (TVL) in the protocol plummeted from over $36 million to $21 million, a loss of approximately 42%. The SAGA project's native coin, already trading near historical lows, fell to $0.053. The corporate stablecoin Saga Dollar (D), which also lost its peg to the dollar after the hack, plummeted to $0.75. Earlier, Mitchell Amador, CEO of blockchain security company Immunefi, stated that nearly 80% of crypto projects that experience a major hack never fully recover.