Close Menu
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
What's Hot

AAVE Price Prediction: Dead Momentum at $94 Sets Up a Make-or-Break Week

July 16, 2026

France’s World Cup Exit Erases Sportsbook Liability as Prediction Volume Surges

July 16, 2026

International Sting Dismantles Cyprus-Based Crypto Fraud Hub Targeting Benelux Investors

July 16, 2026
Facebook X (Twitter) Instagram
Recession Profit AlertsRecession Profit Alerts
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
Recession Profit AlertsRecession Profit Alerts
Home»Security»Squid and Safe Labs say third-party module behind $3.2M exploit
Security

Squid and Safe Labs say third-party module behind $3.2M exploit

May 26, 2026No Comments2 Mins Read

A suspected third-party Safe module exploit has drained about $3.2 million from wallets across Ethereum and Base, with multiple teams pointing to an external module as the cause.

Blockchain security platform Blockaid reported the incident on Monday, saying it involved a contract labeled “SquidRouterModule,” which initially led to confusion over a possible link to the cross-chain protocol Squid.

Squid later said on X that the issue was unrelated to its core protocol and instead involved a third-party module integrated into Safe wallets.

“A third-party SquidRouterModule was exploited, not Squid’s Router contract,” Squid said, adding that the contract shares its name but not its code.

The incident highlights how a trusted wallet module can be used to move funds if it has been granted broad execution permissions within a smart account.

86 Gnosis Safes drained for $3 million in about two hours

Safe, formerly Gnosis Safe, is a multi-sign wallet running on multiple networks, which requires a minimum number of users to approve a transaction before execution.

It can also be extended with optional modules, which are smart contracts that allow approved code to execute actions on behalf of the wallet.

According to Blockaid, the attack affected at least 86 Safe accounts within roughly two hours, with all stolen tokens swapped to Dai (DAI) via attacker-controlled Uniswap V3 pools.

Source: PeckShieldAlert

The suspected root cause is a vulnerability in SquidRouterModule, which allegedly allowed the attacker to impersonate authorized delegates and trigger unauthorized token swaps, Blockaid said.

Module attribution and Safe response

Safe Labs CEO Rahul Rumalla said the accounts “do not seem to be operated on official Safe Wallet product,” adding that it remains unclear how and where they were created and managed, likely created through externally deployed integrations.

See also  Hacker Who Stole a Huge Amount of Solana Earlier This Year Converted the Assets into Another Altcoin

Source: Rahul Rumalla

He said Safe Wallet surfaces such risks through “Safe Shield,” a feature designed to flag potentially malicious or unverified modules and guards before they are used. The CEO added that the exploited module had already been flagged as malicious by Blockaid, which is included in Safe Shield’s risk detection ruleset.

Cointelegraph approached Safe and its CEO for comment but did not receive a response by publication time.

Source link

3.2M Exploit Labs Module safe Squid thirdparty

Related Posts

International Sting Dismantles Cyprus-Based Crypto Fraud Hub Targeting Benelux Investors

July 16, 2026

Summer.fi to Shut Down Operations Following $6.1 Million Security Breach

July 16, 2026

Summer.fi to Shut Down Operations Following $6.1 Million Security Breach

July 16, 2026

Modular macOS Stealer Uses Kill Loops to Force Password Entry

July 16, 2026
Top Posts

Billions Lost as Crypto Hackers Shift Focus Beyond Code Flaws

June 19, 2026

NY Attorney General Warns of ‘Pig Butchering’ Scams as Crypto Fraud Losses Surge

February 19, 2026

Michael Saylor's Strategy signals potential bitcoin sale to fund dividends obligations

May 6, 2026

Type above and press Enter to search. Press Esc to cancel.