Sponsored slot · leaderboard
HomeCrypto$3.2 Million Crypto Exploit Hits Safes Across Ethereum and Base, Squid Denies Involvement
Crypto

$3.2 Million Crypto Exploit Hits Safes Across Ethereum and Base, Squid Denies Involvement

A $3.2 million exploit hit 86 Safes across Ethereum and Base after hackers abused a third-party Squid-linked module, raising fresh DeFi security concerns.

1h ago 4,280
On this page
  • Exploit Drains Millions Across Ethereum and Base
  • Squid Says Its Core Protocol Was Never Breached
  • How the Attack Happened
  • Funds Laundered Through Fake Token Scheme
  • DeFi Security Problems Continue Growing
  • Squid Recently Raised $6 Million
Share

A major crypto security incident hit the decentralized finance market after hackers exploited a third-party module linked to the name “Squid,” draining nearly $3.2 million from user Safes across both Ethereum and Base networks in just a few hours.

The exploit affected around 86 wallet Safes and once again raised serious concerns about third-party integrations and hidden risks inside decentralized finance infrastructure.

However, cross-chain protocol Squid quickly clarified that the vulnerable contract was not developed, deployed, or controlled by its core team.

Exploit Drains Millions Across Ethereum and Base

According to blockchain security firms Blockaid and PeckShield, the exploit targeted a third-party Gnosis Safe module verified on Basescan under the name “SquidRouterModule.”

Attackers reportedly drained approximately $3.2 million worth of crypto assets within roughly two hours.

The exploit impacted users operating Safes on both, Ethereum and Base

Security researchers later confirmed that the vulnerable module had no direct operational connection to Squid itself despite using the project’s name.

Squid Says Its Core Protocol Was Never Breached

Following the attack, Squid co-founder Fig publicly denied any involvement with the exploited contract.

Fig explained on X that the “SquidRouterModule” was a completely separate third-party product that merely integrated with Squid’s protocol among other services.

He stated that, “The contract called SquidRouterModule is unrelated to Squid. We don't know yet who wrote or deployed this.”

Squid’s official team later tweeted that its core router architecture remained untouched and fully secure throughout the incident. The company also criticized early reports that inaccurately linked the exploit directly to Squid’s main infrastructure.

How the Attack Happened

According to technical analysis from Blockaid, the exploit was caused by a severe verification flaw inside the vulnerable module.

The contract reportedly accepted a caller-provided constant string as proof that transactions were secure. By simply passing that string, attackers could execute arbitrary calldata and spend tokens held inside affected Safes without requiring valid user signatures.

Security researchers explained that the attacker used Foundry-based exploit contracts to impersonate authorized delegates tied to victim wallets.

The exploit specifically targeted the module’s “DelegateBundler” execution path.

Once access was obtained, attackers triggered unauthorized token swaps through Uniswap V3 liquidity pools.

Funds Laundered Through Fake Token Scheme

Investigators said the stolen assets were routed through attacker-created liquidity pools tied to a fake token called “u.” The hacker swapped victim assets into the worthless token before removing liquidity and consolidating profits.

According to PeckShield, the attacker eventually converted the proceeds into roughly 3.07 million DAI stablecoins. The funds are currently being tracked inside a wallet beginning with, “0xa447…54859”

Security researchers also revealed that the exploiter’s original 2.1 ETH funding source came through Tornado Cash, a crypto mixer frequently used to obscure transaction origins.

DeFi Security Problems Continue Growing

The exploit adds to an increasingly difficult year for decentralized finance security. According to market data, the DeFi sector has already suffered more than $770 million in losses during 2026 alone.

April reportedly became one of the worst months on record, with nearly 30 separate exploit incidents causing over $630 million in losses.

Cross-chain infrastructure and bridge systems remain some of the highest-risk areas inside crypto due to their technical complexity and multiple integration layers. Over the past several years, the sector has repeatedly faced major bridge hacks, wallet exploits, and governance attacks.

Squid Recently Raised $6 Million

Ironically, the exploit comes shortly after Squid announced a $6 million strategic funding round led by North Island Ventures.

Other participants included, Ripple, Dialectic

and Borderless Capital

Last week, Fig told media outlets that Squid had completed nine independent security audits, maintained 99.99% uptime, and had never suffered a protocol exploit.

How does this read?
Share

Comments · 0

Sign in to comment. Accounts coming soon.

No comments yet

Be the first to share your take when accounts launch.

Related reading

CRYPTO

Can a $1 Billion Rescue Plan Save Ethereum From a Massive ETH Price Collapse?

@matt-haycox1d ago
CRYPTO

StablR Stablecoins Crash After $10 Million Hack Shakes Crypto Market

@matt-haycox1d ago
CRYPTO

BlackRock Bitcoin ETF Sees $103.7 Million Outflow as Four-Day Selling Streak Deepens

@pramuditya-saputra4d ago
Sponsored slot · native
More from this desk
  • XRP Sentiment Crashes Into Extreme Fear Zone as Traders Turn Bearish Again36m ago
  • Hyperliquid Launches New Prediction Markets Based on Real-World Events1h ago
  • Can a $1 Billion Rescue Plan Save Ethereum From a Massive ETH Price Collapse?1d ago
  • StablR Stablecoins Crash After $10 Million Hack Shakes Crypto Market1d ago
Sponsored slot · native
BlockInsiderBLOCKINSIDER© 2026 BlockInsider.
AboutThe InsidersAdvertiseCareersTermsPrivacy