Squid Clarifies $3.2M Exploit Was Not Linked to Its Core Protocol System

- Squid confirmed that the compromised wallet module operated independently from its official protocol infrastructure.
- Attackers drained Gnosis Safes after exploiting a vulnerable third-party verification mechanism.
- Security concerns around trusted wallet modules increased following the multi-million dollar exploit.
Squid stated that its core protocol remained unaffected after attackers drained nearly $3.2 million from Gnosis Safes on Ethereum and Base. The clarification followed confusion surrounding a compromised contract called “SquidRouterModule,” which carried the company’s branding on Basescan.
According to blockchain security firm Blockaid, attackers exploited the vulnerable module and drained 86 Gnosis Safes within roughly two hours. The stolen assets were swapped into DAI through attacker-controlled Uniswap V3 liquidity pools.
Squid explained that the exploited contract belonged to a third-party smart-wallet product that integrates multiple protocols, including Squid. The company stressed that it neither deployed nor operated the vulnerable module linked to the exploit.
The platform also confirmed that its official router infrastructure functioned normally during the attack. Squid stated that user funds, token approvals, and integrations connected to its protocol remained secure throughout the incident.
Faulty Verification System Enabled Wallet Draining
According to Squid, the exploit succeeded because the third-party module accepted a caller-provided constant string as message verification. Consequently, attackers used that publicly accessible string to execute arbitrary calldata through the vulnerable contract.
The compromised Gnosis Safes had previously approved the module as a trusted wallet integration. Because of those permissions, the contract gained authority to transfer tokens without requiring additional wallet signatures.
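The flaw described above, as an added example that is not code from the exploited module, from Squid, or from Blockaid: a simplified Solidity model of a Safe module that treats a caller-supplied constant string as verification, beside a version that requires the Safe's own owner signatures over the exact request. The contract names, the constant and the function layout are assumptions; `execTransactionFromModule` and `checkSignatures` are Safe contract functions, with `checkSignatures` shown in its three-argument form (assumed Safe v1.3.0 / v1.4.1).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Subset of the Safe interface a module relies on.
interface ISafe {
    function execTransactionFromModule(address to, uint256 value, bytes calldata data, uint8 operation)
        external returns (bool success);
    function checkSignatures(bytes32 dataHash, bytes calldata data, bytes calldata signatures) external view;
}

// BEFORE (hypothetical model of the flaw): the "proof" is a fixed string.
contract WeakModule {
    // Constructed placeholder. A constant in bytecode or in past calldata is public.
    bytes32 private constant EXPECTED = keccak256("CONSTRUCTED_PUBLIC_STRING");

    function execute(ISafe safe, address to, bytes calldata data, string calldata proof) external {
        // Not bound to the Safe, the target, the calldata or any signer:
        // every caller who knows the string passes, for every Safe that
        // enabled this module.
        require(keccak256(bytes(proof)) == EXPECTED, "bad proof");
        require(safe.execTransactionFromModule(to, 0, data, 0), "exec failed");
    }
}

// AFTER (hypothetical hardening): the Safe's owners must sign this request.
contract HardenedModule {
    mapping(address => uint256) public nonces; // per-Safe replay counter

    function execute(ISafe safe, address to, bytes calldata data, bytes calldata signatures) external {
        uint256 nonce = nonces[address(safe)]++;
        // Bind chain, module, Safe, target, calldata and nonce into what is signed.
        // Production code would use an EIP-712 typed digest instead of a raw hash.
        bytes memory preimage =
            abi.encode(block.chainid, address(this), address(safe), to, keccak256(data), nonce);
        // Reverts unless the Safe's threshold of owners signed this digest.
        safe.checkSignatures(keccak256(preimage), preimage, signatures);
        require(safe.execTransactionFromModule(to, 0, data, 0), "exec failed");
    }
}
```

When reviewing a module before enabling it on a Safe, the question this pair illustrates is whether the value it checks is secret, tied to a signer, and tied to the specific calldata being executed.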
The exploit exposed growing concerns surrounding external wallet modules operating across decentralized finance ecosystems. Security researchers continue examining how broad permissions inside multisignature wallets create additional risks for users and institutions.
According to the platform, early reporting created confusion because the attacked contract shared part of Squid’s branding. However, the company insisted that the exploit targeted only a third-party “SquidRouterModule” contract rather than Squid’s core routing infrastructure.
Squid also emphasized that its official router contract uses a completely different architecture from the compromised module. The company stated that its production systems never interacted with the vulnerable contract during the exploit.
Security Risks Around External Wallet Modules Continue Growing
The incident added to broader security concerns involving external integrations connected to Gnosis Safe wallets. Researchers continue tracking whether similar permission structures exist across other decentralized finance applications.
The exploit highlighted how trusted wallet modules can expose users to unauthorized transfers when security verification systems fail. Squid stated it continues monitoring developments closely and will provide additional updates if new information emerges.
The post Squid Clarifies $3.2M Exploit Was Not Linked to Its Core Protocol System appeared first on 36Crypto.