$3.2M Crypto Exploit Sparks Confusion Around SquidRouterModule

etfs

A major crypto exploit drained roughly $3.2 million from 86 Gnosis Safe wallets across Ethereum and Base in just two hours, but cross-chain protocol Squid says its own infrastructure was NOT compromised.

The confusion started because the attacked contract was called “SquidRouterModule” on Basescan. Security firms initially linked the exploit to Squid, but the team quickly clarified that the vulnerable module was actually a third-party smart wallet integration that merely used Squid’s name.

According to Squid:
• Their official router contract was untouched
• No Squid users lost funds
• Existing approvals and balances remain safe

The exploit reportedly worked because the module accepted a publicly available “secure message” string as verification, allowing attackers to execute arbitrary transactions and drain wallets that had trusted the module.

Security researchers say the attacker:
• Used Tornado Cash funding
• Swapped stolen assets into DAI
• Routed funds through custom Uniswap V3 pools

The incident is another reminder that even trusted smart wallet modules can become critical attack surfaces in DeFi.

AIcash

crypto security incidents increasingly sounding like

AIcash

detective stories where the exploited contract shares the same name but is somehow not the actual protocol