Cross-chain router Squid distanced itself from a third-party Gnosis Safe module, SquidRouterModule, after attackers drained about $3.2 million across Ethereum and Base.
Blockchain security firms flagged the exploit, which affected 86 Gnosis Safe accounts in roughly 2 hours.
Squid Disowns $3.2 Million SquidRouterModule Exploit
Blockaid highlighted that the attacker swapped stolen tokens into Dai (DAI) through attacker-controlled Uniswap V3 pools.
Separately, security firm PeckShield stated the attacker was initially funded with 2.1 ETH from Tornado Cash. The firm added that the exploiter’s wallet, 0xA447…54859, held the stolen assets.
Squid moved quickly on X to separate its protocol from the exploited contract. The team stated the “contract shares our name however isn’t our code.” It also stressed that none of its users had been affected.
“Early public reporting might reference ‘SquidRouter’ because of the contract’s verified name on Basescan. The correct framing is: a third-party SquidRouterModule was exploited, not Squid’s Router contract,” the team stated.
On Basescan, the compromised contract carries the name “SquidRouterModule,” which sparked early confusion. Squid stated the team had no role in writing the contract or deploying it on-chain. It described the module as a third-party smart-wallet product that integrated with a number of protocols, including Squid.
Squid’s actual router sits at 0xce16F69375520ab01377ce7B88f5BA8C48F8D666 and runs on a different design. That contract was not affected by the attack, and existing user balances, approvals, and platform integrations all remain safe.
“The exploit worked because the third-party module accepted a caller-supplied fixed string as proof that a message was safe. If you pass in this string (which is publicly available in the verified contract’s code), then you’ll be able to execute an array of arbitrary calldata, stealing funds at will. The victims’ Safes had added this defective contract as a trusted Safe Module, which gives the contract the power to spend any tokens in the Safe without signatures,” the protocol explained.
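The flaw class Squid describes, shown beside a caller-bound check, as an added illustration that is not the exploited module's code or any project's own. The contract names, the `Call` struct and the proof value are hypothetical and constructed; `isOwner` and `execTransactionFromModule` are the Safe functions a module would call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal view of the Safe functions used here (operation 0 = CALL).
interface ISafe {
    function isOwner(address owner) external view returns (bool);
    function execTransactionFromModule(address to, uint256 value, bytes calldata data, uint8 operation)
        external returns (bool success);
}

struct Call { address to; uint256 value; bytes data; } // hypothetical batch item

abstract contract ModuleBase {
    // An enabled module can move the Safe's assets with no owner signatures,
    // so whatever gates this function is the Safe's entire access control.
    function _run(ISafe safe, Call[] calldata calls) internal {
        for (uint256 i = 0; i < calls.length; i++) {
            bool ok = safe.execTransactionFromModule(calls[i].to, calls[i].value, calls[i].data, 0);
            require(ok, "module call failed");
        }
    }
}

// Flawed pattern: the "proof" is a constant. `private` only hides it from other
// contracts; it is readable in verified source and in deployed bytecode, and the
// check says nothing about who is calling or which Safe they may act for.
contract ConstantProofModule is ModuleBase {
    string private constant PROOF = "message-is-secure"; // constructed value

    function execute(ISafe safe, string calldata proof, Call[] calldata calls) external {
        require(keccak256(bytes(proof)) == keccak256(bytes(PROOF)), "bad proof");
        _run(safe, calls);
    }
}

// Caller-bound check: authorization comes from msg.sender's relationship to the
// specific Safe being acted on, not from any value the caller supplies.
contract OwnerGatedModule is ModuleBase {
    function execute(ISafe safe, Call[] calldata calls) external {
        require(safe.isOwner(msg.sender), "caller is not an owner of this Safe");
        _run(safe, calls);
    }
}
```

The owner check still lets a single owner act without the Safe's signature threshold, so a module for a multisig would normally also restrict targets or amounts.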
The episode is one of several crypto exploits to hit protocols this month. DefiLlama tracked more than 20 exploits in May 2026.
The post Squid Distances Itself From $3.2 Million Hack of Lookalike Third-Party Contract appeared first on BeInCrypto.