Squid walks away from a $3.2 million hack of a similar third-party contract

[ad_1]

Away from the Squid-chain routing protocol from the third-party Gnosis Safe unit, SquidRouterMode attackers withdraw about 3.2 million dollars via Ethereum and the Internet.

Security companies have discovered the exploit that affected 86 Gnosis Safe accounts in the world.

تبرأ سكوييد من تسلقة SquidRouterModule بمبلغ 3.2 ملليون دولر

Blockaid ruled the light But the attacker transferred the stolen tokens to DAY (DAI) through Uniswap V3 pools that are controlled by the attacker.

Security company PeckShield reported separately that the attacker was initially funded with 2.1 ETH From Tornado Cash. In addition, the company added that the wallet used 0xA447…54859 was stolen.

Follow us on X To get the latest news as it happens

#PeckShieldAlert The SquidRouterModule was leveraged for ~$3M in assets.
The exploiter, which was initially financed with 2.1 $ETH from #TornadoCashexchanged the stolen funds for ~3M $GIVE. The stolen assets are currently sitting in the exploiter’s wallet 0xA447 … 54859 pic.twitter.com/RAmpIZQhQh

– PeckShieldAlert (@PeckShieldAlert) May 25, 2026

Move quickly on X to open the protocol About the contract that was exploited. The team explained that “the contract carries our name but it is not our source code.” He also added that none of his employees were affected.

The team said that the early public reports probably refer to “SquidRouter” because of the name of the rear. The exact frame is: the SquidRouterModule module is used by a third party, and it is not connected to the router

Users noticed in Basescan that the node that was discovered has the name “SquidRouterModule”, which caused the initial error. Squid explained that the team did not have any role in writing this contract or publishing it, and described the unit as a third-party smart wallet product integrated with several raw protocols from Squid.

Squid’s current router resides at 0xce16F69375520ab01377ce7B88f5BA8C48F8D666 and operates with a different layout. That contract was not affected by the hack, and existing user balances, approvals and integrations with the platform all remain secure.

Explain the protocol that the exploit was successful because the third-party unit was accepting the string. It was successful because the third-party unit was accepting the string. If you pass this series (publicly available in the code of the contract), you can publicly in the code of the contract arbitrary data collection, and steal money as you want. The victims added their security units to this flawed contract as a reliable Safe Module, with the flaw being the ability to invest any tokens in Safe without signatures.

اشر على ان This incident is one of them Several attacks targeting digital currencies have targeted protocols this month. DefiLlama pointed out to him You are being followed more than 20 operations in May 2026.

اشترك في We linked us on YouTube to see the leaders and journalists and they provide expert opinions and news

[ad_2]

Source link