A third-party module on Ethereum and Base that integrates with the Gnosis Safe ecosystem was exploited, resulting in the theft of approximately $3.2 million in assets from 86 Safe wallets within two hours. Because the contract in question was listed as "SquidRouterModule" on Basescan, the incident was initially mistakenly believed to be directly related to the cross-chain protocol Squid.
Squid stated that it has not deployed any contracts.
Squid subsequently responded, stating that the vulnerable contract was not built, deployed, or operated by the project team; it was merely a standalone module integrated with Squid and other protocols. The team stated that Squid's core routing infrastructure was unaffected during the attack.
The project team also criticized the incorrect associations in the early public information, stating that the problematic contract only had "Squid" in its name and did not mean that the module belonged to the Squid protocol itself.
Two hours affected 86 Safe
Blockchain security firms Blockaid and PeckShield were among the first to disclose details of the incident. The two organizations stated that the attack occurred at the level of a third-party module within the Gnosis Safe ecosystem, impacting both the Ethereum and Base networks.
- The number of affected wallets is 86 Safe.
- The total amount of assets transferred was approximately US$3.2 million.
- The funds were subsequently pooled into approximately 3.07 million DAI.
Vulnerability bypasses signature verification
According to publicly available analysis, the module accepts a fixed string provided by the caller and uses it as proof of the transaction message's security. Attackers can use this to bypass signature verification and execute arbitrary data calls to the victim's wallet.
Squid stated that this flaw allows attackers to access tokens held in affected Safes without obtaining authorization from legitimate wallets. Security researchers indicated that the attack exploited a Foundry-based exploit contract and targeted the DelegateBundler execution path of that module.
The flow of funds has been tracked
Blockaid stated that the attackers impersonated authorized agents associated with various Safes and initiated arbitrary token swaps through Uniswap V3 liquidity pools. The stolen assets were then exchanged for a worthless token called "u," and these liquidity pools were pre-set and controlled by the attackers.
After the assets passed through these pools, the attackers removed the liquidity and pooled the proceeds. PeckShield stated that the funds are currently held in a wallet address that begins with "0xa447...54859".
