Cross-chain router Squid isolated itself from the third part of the Gnosis Safe module, SquidRouterModule, after attackers spent about $3.2 million through Ethereum and Base.
The blockchain security firm announced a hack that affected 86 Gnosis Safe accounts in about two hours.
Squid Denies $3.2 Million SquidRouterModule Exploit
Restrictions lighting fixtures that the attacker exchanged stolen tokens in Dai (DAI) through attackers Uniswap Pools V3.
Separately, security firm PeckShield said the attacker was funded with 2.1 ETH. from Tornado Cash. Additionally, the company added that the hijacker’s wallet 0xA447…54859 contained the stolen items.
Follow us on X to hear the latest news as it happens
Squid moved quickly on X to separate his plan from the contract used. The team said that “the partnership shares our name but not our code.” It also stressed that none of its users were affected.
“Early public announcements may refer to ‘SquidRouter’ because of the verified contract name on Basescan. The correct capture is: a third-party SquidRouterModule was used, not Squid’s Router contract,” the team said.
On Basescan, the affected connection has the name “SquidRouterModule,” which caused confusion. Squid said the group has no part in writing the contract or pushing on the chain. It described the feature as a third-party smart-wallet that integrates with multiple protocols, including Squid.
The actual squid router is located at 0xce16F69375520ab01377ce7B88f5BA8C48F8D666 and runs in different configurations. The contract was not affected by the attack, and the existing measures, approvals, and platforms are all safe.
“The exploit worked because the third party accepted the fixed string provided by the caller as proof that the message is safe. If you pass this string (which is publicly available in the authentication code of the agreement), then you can make random calls, steal money at will. signs in the Safe without a signature,” the protocol he explained.
The episode is one of A number of cryptos destroy protocols this month. DefiLlama to follow more than 20 in May 2026.
Subscribe to our YouTube channel a way to watch leaders and journalists deliver professional information
A note Squid Distances Itself From $3.2 Million Hacking of Seemingly Similar Third-Party Agreement appeared for the first time BeInCrypto.
