The project clarified that the vulnerable contract was not built, deployed, or operated by Squid, despite early reports linking the exploit to its protocol. According to the team, the compromised module independently integrated with Squid among other protocols, while Squid’s core router infrastructure was unaffected throughout the attack.
Gnosis Safe Exploit Drains $3.2M
A third-party module connected to the Gnosis Safe ecosystem was exploited across the Ethereum and Base networks, which resulted in approximately $3.2 million being drained from 86 different Safes in a matter of two hours. Blockchain security firms Blockaid and PeckShield were among the first to report details surrounding the incident.
The vulnerable contract was verified on Basescan under the name “SquidRouterModule,” which initially led to confusion due to its association with Squid. However, Squid quickly clarified that the contract was not built, deployed, or operated by the project itself.
Pseudonymous Squid co-founder Fig stated in a post on X that the compromised module was unrelated to Squid’s core infrastructure. According to the team, the protocol’s main router architecture stayed completely separate and was not affected by the exploit at all.
The attack was reportedly made possible because the module accepted a caller-supplied constant string as proof that a transaction message was secure. By passing this value, attackers were allegedly able to bypass signature verification mechanisms and execute arbitrary call data from victim wallets.
Squid explained that this flaw effectively gave attackers the ability to spend tokens held in affected Safes without requiring legitimate wallet approvals. Security researchers said the exploit relied on Foundry-based exploit contracts that targeted the module’s DelegateBundler execution path.
According to Blockaid, the attackers impersonated authorized delegates tied to each Safe and initiated arbitrary token swaps through Uniswap V3 liquidity pools. The stolen assets were converted into an attacker-created worthless token known as “u” through specially seeded liquidity pools controlled by the exploiter. After routing the assets through these pools, the attacker reportedly removed liquidity and consolidated the proceeds into approximately 3.07 million DAI. PeckShield stated that the funds are currently being held in a wallet beginning with “0xa447...54859.”
Squid criticized early public reporting that incorrectly connected the exploit directly to its protocol. The team explained that the vulnerable contract merely shared the Squid name and independently integrated with several protocols, including Squid, without direct involvement from the project itself.
