Security Alert: Rogue Module Hits 86 Gnosis Safes for $3.2M in Rapid Drain

TL;DR:

• A malicious Gnosis Safe module identified as “SquidRouterModule” drained approximately $3.2 million from 86 wallets on Ethereum and Base.
• The exploit ran for two hours; funds were converted into ~3.07 million DAI and sent to a single wallet controlled by the attacker.
• Squid disclaimed all responsibility: the contract uses its name but was developed and deployed by a third party with no ties to the team.

A third-party module verified on Basescan under the name “SquidRouterModule” was exploited on the Ethereum and Base networks; the attacker drained approximately $3.2 million from 86 wallets within a two-hour window. Security firms Blockaid and PeckShield reported the incident.

Cross-chain interoperability protocol Squid moved quickly to distance itself from the case and the compromised contract. “The contract called SquidRouterModule is not related to Squid. We still don’t know who wrote or deployed it,” anonymous co-founder Fig wrote on X. The team clarified that its core router operates in an architecturally separate manner and was not affected.

Squid users and integrators are safe. No approvals are at risk on any chain.

The contract called SquidRouterModule is unrelated to Squid. We don’t know yet who wrote or deployed this

— fig (@ecdsafu) May 25, 2026

The Module Flaw That Enabled the Theft

The vulnerability lay in the module’s authentication logic: it accepted a constant string provided by the caller as proof that a message was legitimate. With that mechanism broken, an attacker was able to execute arbitrary calldata and dispose of tokens held by victims without requiring valid signatures.

According to Blockaid, the attacker deployed Foundry-based exploit contracts that called the module’s DelegateBundler path, impersonating authorized delegates and triggering arbitrary swaps through Uniswap V3 pools. The targeted assets were funneled into a worthless token created by the attacker himself, named “u,” through previously seeded Uniswap V3 pools. The attacker then withdrew the liquidity and consolidated everything into approximately 3.07 million DAI, now held in a wallet beginning with “0xa447…54859,” according to PeckShield. The attacker’s initial funding — 2.1 ETH — came from Tornado Cash.

The DeFi Crisis Deepens

Squid noted that the first public reports referencing the “SquidRouter” module were technically inaccurate. The contract shares the name but belongs to a third-party product that chose to integrate with Squid, among other protocols, without having had any contact with the team.

This incident adds to the already staggering losses in the DeFi sector. The industry has accumulated more than $770 million stolen so far in 2026. April recorded a peak of approximately 30 incidents and more than $630 million lost.