Gnosis Pay Exposes 2023 Software Flaw in $1.5M Hack, France Busts $1.8M Crypto Villa Scam

3 hour ago 1 sources neutral

Key takeaways:

  • Gnosis Pay's swift reimbursement cushions GNO's price, yet lingering smart contract doubts could dampen long-term confidence.
  • Rising physical crypto crimes in France signal growing need for privacy-focused assets and personal security measures.
  • The $300K unrecovered despite issuer freezes exposes DeFi insurance gaps, hinting at future demand for on-chain coverage.

Gnosis Pay has revealed that a hidden vulnerability in the Zodiac smart contract framework, present since October 2023, enabled the theft of $1.5 million from its card safe infrastructure on June 1, 2026. The flaw, traced to version 3.4.0 of the framework, was exploited to gain control of digital assets across the decentralized self-custodial payment network, affecting 5,281 wallets holding at least $1 each.

The company’s treasury manager NOCA detected the first unauthorized transfer at 06:17 UTC, and engineers identified the root cause within two hours. Services were suspended, the bridge to Gnosis Chain was temporarily halted, and attacker wallet addresses were shared with stablecoin issuers. By the night of June 3, the first accounts were restored after deploying new card-safe modules, with 99% of users back online by June 6. Gnosis Pay absorbed the losses, fully reimbursing customers, though roughly $300,000 remains unrecovered. The attackers stole mostly GNO, EURe, USDC.e, and other assets.

Meanwhile, French police in Gassin–Saint-Tropez arrested a mother and son on June 25 for a “rip deal” that defrauded a wealthy couple of €1.5 million ($1.8 million) in crypto. The suspects posed as intermediaries for a fake villa sale in Ramatuelle, inviting the sellers to Milan. During a second meeting, they allegedly used hidden camera glasses to capture wallet credentials, then drained the victims’ crypto holdings. The pair, with prior similar offenses, face organized fraud charges and appear in court on September 1. French authorities also noted a rise in crypto-related kidnappings and extortion, with 77 cases in 2026, up from 45 in 2025.

Previously on the topic:
Jun 29, 2026, 2:42 p.m.
Q2 2026 Becomes Worst Quarter Ever for Crypto Hacks
Disclaimer

The content on this website is provided for information purposes only and does not constitute investment advice, an offer, or professional consultation. Crypto assets are high-risk and volatile — you may lose all funds. Some materials may include summaries and links to third-party sources; we are not responsible for their content or accuracy. Any decisions you make are at your own risk. Coinalertnews recommends independently verifying information and consulting with a professional before making any financial decisions based on this content.