On May 25, 2026, a third-party Gnosis Safe module named SquidRouterModule was attacked on Ethereum and Base, and within an approximate two-hour time window, the attacker continuously targeted multi-signature wallets that had installed this module, ultimately emptying about 86 Gnosis Safes and causing a loss of approximately $3 million to $3.2 million. The tokens that were taken were transferred to an address controlled by the attacker, who then converted them into DAI through its self-built Uniswap V3 liquidity pool. The on-chain security agency Blockaid captured this wave of abnormal activity during the attack, identifying the target as the SquidRouterModule on the Ethereum and Base networks and alerted the scale of affected wallets. Initially, some media and on-chain comments directly expressed it as "Squid protocol was hacked," amplifying panic over Squid's security in a short time; however, as Squid officials stated that the module was neither built nor operated by the team, and the vulnerability originated from the third-party Safe module, and that the core Squid protocol and user funds were unaffected, the narrative of "Squid being hacked" was quickly corrected, while this third-party module, which had completed contract verification on Basescan but had a murky identity, was thrust into the spotlight.

Naming Collision: A Misunderstood Incident of "Squid Hacked"

The reason this attack was quickly packaged as "Squid hacked" stems largely from the misleading nature of its name: the targeted module is called SquidRouterModule, which sounds like an official routing contract from Squid, and is deployed on two mainstream networks, Ethereum and Base, as part of a third-party smart wallet product responsible for aggregating routing. This module itself integrates Squid and other services and has completed contract verification on Basescan, but the identities of the developers and deployers are not clearly marked in public materials. After the attack occurred, the repeated mention of "SquidRouterModule" in reports from on-chain security agencies easily simplified the narrative in the dissemination chain to "Squid Router was compromised," with some media and on-chain comments following suit and sliding the narrative toward "Squid protocol was attacked."

Realizing that public opinion was interpreting an incident involving a third-party Safe module as a questioning of the core protocol, the Squid team quickly intervened to clarify the boundaries: the statement clearly pointed out that the vulnerability originated from a third-party Gnosis Safe module and was unrelated to any contracts built, deployed, or operated by the Squid team; the core Squid protocol and contracts were unaffected, and all Squid users and integrators needed to take no action. The intertwined process of false reports and clarifications exposed the cognitive risks under DeFi's multi-layer integration: when different projects exhibit highly similar module naming or even directly overlay brand terms, once an incident occurs at one layer, it is often the most prominent name itself that is first impacted, even if it is not technically the true "source of failure."

Emptying 86 Safes in Two Hours: The Visible Parts of the Attack Path

Going back to May 25, Blockaid detected an unusually dense chain activity: within an approximate two-hour window, Gnosis Safes installed with the SquidRouterModule began to be "emptied in batches" on the two networks of Ethereum and Base. Almost all known victims had one commonality—they all integrated this third-party module, and the attack consistently unfolded along the wallets in which this module was located, ultimately totaling about 86 Safes compromised.

From observed on-chain actions, after locking onto the targeted Safe, attackers would transfer the tokens one by one to addresses they controlled, and then concentratedly import them into a Uniswap V3 liquidity pool they controlled, converting different assets into DAI. Throughout this process, the migration paths of the tokens and the exchange behavior were clearly visible, but how the attackers obtained operational permissions for these Safes at the contract level, and which specific designs or vulnerabilities in the module were exploited, has not yet been publicly or verifiably disclosed. So far, public materials can only clarify that this attack spanned two chains, emptied 86 Safes, and consolidated assets into DAI within two hours; the underlying attack vectors and complete asset destinations remain unconfirmed.

The Black Box Risk of Modules: Who is Endorsing the Integration?

The original design intent of Gnosis Safe was to turn multi-signature vaults into an extensible "operating system" through a modular architecture: any third-party developer can deploy modules, and smart wallet products can package these modules into one-click functionalities directly provided to users' Safes. The attacked SquidRouterModule is such a third-party module; it was not built by the Squid team but is part of a smart wallet product that integrates Squid and other services under the same interface, leading users to believe they are merely using a "function button" while actually authorizing a contract logic written by an independent developer.

On-chain, this module has completed contract verification on Basescan, and the "verified" label can easily be misinterpreted by ordinary users as a form of security endorsement, but it simply means that the source code matches the on-chain bytecode and does not equal review by Gnosis Safe officials or professional auditing agencies. More subtly, some community comments suggest that most victims were using custom or third-party created smart wallets rather than official templates, but this claim has not yet been substantiated. For end users, when they see familiar names like "Squid" in the Safe interface, they naturally equate the module with the Squid official protocol, but it is difficult to discern who is developing, integrating, and reviewing behind the scenes, which under a structure where developers, integrators, and foundational platforms share the same brand and entry point, has caused the originally complex responsibility boundaries to be imagined as a single "official." Within this structure, the module freedom of the Safe ecosystem and users' understanding of "who is responsible" have formed a notable safety gray area that cannot be ignored.

Blockaid's Early Warning and Project Clarification: From Panic to Correction

When the attackers emptied Gnosis Safes that had installed the SquidRouterModule on Ethereum and Base in batches, the first to connect this abnormal activity into an event was the on-chain security agency Blockaid. They provided an early warning while the attack was still ongoing: the target was a Safe module named SquidRouterModule, occurring intensively within about two hours, with approximately 86 Safe wallets emptied, resulting in millions of dollars in losses. This statement narrowed the attack's scope to "wallets that had installed a specific module," providing coordinates for subsequent clarification of responsibility boundaries.

However, in the delayed information dissemination chain, early media and some on-chain comments still used terms like "Squid hacked" and "SquidRouter protocol was attacked," escalating a module-level vulnerability to a protocol-level incident. Only after the Squid officials promptly released a statement, repeatedly emphasizing that the vulnerability originated from a third-party Safe module and was unrelated to the core Squid protocol and contracts, and clarifying that all Squid users and integrators were unaffected and needing no action, did this narrative get firmly pulled back to the module level. It is noteworthy that, as of now, there has been no clear statement in public materials regarding remedial paths, potential asset recovery, victim compensation, or subsequent audit arrangements, and until more technical details and responsibility arrangements are disclosed, the market's pricing and emotional response to this attack can only remain based on this incomplete set of fragmentary facts.

What DeFi Should Learn from the Misinterpreted Hacking Case

This attack, which emptied approximately 86 Gnosis Safes and caused a loss of around $3 million to $3.2 million in about two hours, has sounded two alarms for the modular wallet ecosystem: first, what was truly compromised was the third-party SquidRouterModule attached to the Safe, rather than any "core protocol," indicating that often the weakest link above multi-signatures and smart wallets is the external modules; second, from the initial "Squid hacked" media misreading to the official repeated clarifications that the vulnerability stemmed from the third-party Safe module, this narrative distortion chain indicates that naming and branding have become part of a systemic risk in DeFi security perception. For individual users, the direct lesson from this incident is: when installing modules for wallets or authorizing contracts, they should not only look at familiar names or logos on the interface but should actively confirm who developed the module, who deployed it, whether the responsibility parties are clear, and if necessary, compare on-chain contract information to avoid extending trust in a well-known protocol to an unknown integrator. For the entire ecosystem, key follow-up observation points are still ahead: including when the public review of the root cause of the vulnerability will be available, whether Gnosis Safe and other smart wallets will tighten the access, display, and risk warning mechanisms for third-party modules, and how security agencies like Blockaid can provide a more readable warning system that distinguishes "protocol entity" from "third-party module" beyond just monitoring, and ultimately how to redefine the boundaries between composability and security will be questions that DeFi infrastructure must continuously address going forward.

Join our community for discussions and to grow stronger together!
On-chain Telegram group: https://t.me/AiCoinWhaleData
On-chain community: https://www.aicoin.com/link/chat?cid=N6OVMor5g
AiCoin on-chain Twitter: https://x.com/aicoinwhaledata
Exclusive AiCoin Hyperliquid benefits: https://app.hyperliquid.xyz/join/AICOIN88
Exclusive AiCoin Aster benefits: https://www.asterdex.com/zh-CN/referral/9C50e2

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。