Gnosis Pay exploit hits delay module as team pledges refunds
Gnosis is responding to an active exploit affecting Gnosis Pay, tied to the system’s delay module. Co-founder Martin Köppelmann first warned users to withdraw funds, a message echoed by PeckShield, but later retracted it after saying most users likely could not withdraw and that the team is working to contain the damage. Gnosis says it will cover user losses and make affected users whole. Key details remain unclear, including how much was stolen, which users or contracts were hit, and whether the problem lies in the Zodiac delay module, its Gnosis Pay configuration, or a deeper design flaw. A former Near developer noted that Gnosis Pay routes self-custody through a shared delay layer, so a bug there could affect many users at once. The incident follows a separate Safe-related module exploit that drained about $3.2 million.
