Third-Party Module Exploit Drains $3.2 Million from Gnosis Safe Wallets Across Ethereum and Base

A sophisticated exploit targeting a third-party Gnosis Safe module resulted in the theft of approximately $3.2 million from 86 distinct Gnosis Safe wallets operating across both the Ethereum mainnet and the Base layer-2 network. The incident, which unfolded rapidly over roughly two hours, has prompted swift investigation by leading blockchain security firms and a categorical denial of involvement from the legitimate Squid protocol, whose name was coincidentally shared by the compromised module.

The security breach was initially flagged by blockchain analytics and security firms, including Blockaid and PeckShield, who confirmed the scale and rapid execution of the attack. The vulnerable component, appearing on Basescan under the moniker "SquidRouterModule," was definitively disavowed by the official Squid protocol, emphasizing its complete dissociation from their core infrastructure and operations. This incident highlights the complex web of integrations within the decentralized finance (DeFi) ecosystem and the inherent risks associated with third-party components, even those bearing similar names to reputable projects.

Unpacking the Exploit: A Flaw in Validation

The attack vector exploited a critical vulnerability within the "SquidRouterModule" module, which was designed to facilitate interactions with Gnosis Safe multi-signature wallets. According to detailed analyses from Blockaid and other investigators, the module possessed a fundamental flaw: it accepted a caller-supplied string as sufficient proof of message security, critically bypassing robust signature verification mechanisms.

This loophole proved catastrophic. By exploiting this validation weakness, attackers were able to execute arbitrary calldata from the compromised Safes without requiring the legitimate owner’s approval. This allowed for unauthorized transfers of tokens, effectively draining assets from the affected wallets. The method employed by the attackers involved the use of Foundry-based exploit contracts, a set of powerful development tools often used for smart contract testing, but in this case, repurposed for malicious intent. These contracts were utilized to impersonate authorized delegates through the module’s DelegateBundler function, granting the attackers illicit control over the targeted Safes.

The Financial Trail: From Theft to Obfuscation

Once the assets were illicitly accessed, the attackers meticulously routed the stolen funds through Uniswap V3 liquidity pools. This process involved swapping various tokens into a seemingly worthless asset labeled "u." This intermediary step is a common tactic employed by sophisticated attackers to obscure the direct trail of stolen funds, creating an additional layer of complexity for investigators. Following these initial swaps, the attackers removed liquidity from the Uniswap V3 pools, consolidating the value into approximately $3.07 million worth of DAI, a widely recognized decentralized stablecoin.

PeckShield, a prominent blockchain security firm, successfully traced these consolidated funds to a specific wallet address commencing with 0xa447...54859. Further investigation into the attacker’s operational funding revealed that the initial capital for the exploit, amounting to 2.1 ETH, originated from Tornado Cash. Tornado Cash, a decentralized mixing service, has been a contentious platform, often used by malicious actors to obscure the origins and destinations of cryptocurrency transactions, leading to its sanctioning by various regulatory bodies due to its association with illicit activities. The use of Tornado Cash underscores the attacker’s deliberate efforts to maintain anonymity and hinder forensic analysis.

A Detailed Chronology of the Breach

The sequence of events leading to the $3.2 million loss unfolded with alarming speed, highlighting the instantaneous nature of blockchain exploits:

  • Initial Deployment (Undetermined Date): The malicious "SquidRouterModule" contract was deployed on the Ethereum and Base networks by an unknown third party. Its design incorporated the critical validation flaw that would later be exploited.
  • Attack Initiation (May 25, 2026): Attackers, having identified and prepared to exploit the vulnerability, began targeting Gnosis Safe wallets that had integrated this specific third-party module.
  • Rapid Execution (Approximately Two Hours): Over a concentrated period, the attackers systematically exploited 86 Gnosis Safe wallets. During this window, they bypassed signature verification using the caller-supplied string flaw and executed arbitrary calldata to drain funds.
  • Asset Swapping and Consolidation: Immediately after draining assets, the attackers utilized Uniswap V3 to convert the stolen tokens into "u" tokens, then consolidated them into DAI. This phase was likely executed programmatically to minimize detection time.
  • Fund Movement to Centralized Wallet: The consolidated DAI, totaling $3.07 million, was then transferred to the attacker-controlled wallet 0xa447...54859.
  • Detection and Public Disclosure: Security firms Blockaid and PeckShield swiftly identified the ongoing exploit and began their forensic analysis.
  • Squid Protocol’s Official Response (May 25, 2026): Following initial reports linking the incident to its name, Squid co-founder Fig issued a public statement on X (formerly Twitter) clarifying that the "SquidRouterModule" was unrelated to their core protocol. This was quickly followed by an official announcement from the @squidrouter account, further emphasizing the lack of connection and reassuring their users.
  • Ongoing Investigation: Security firms and the broader crypto community continue to monitor the attacker’s wallet for any further movement of funds and to gather intelligence on potential perpetrator identities.

Squid Protocol’s Definitive Disavowal and Broader Implications of Naming Confusion

In the immediate aftermath of the exploit, confusion arose due to the vulnerable contract’s name, "SquidRouterModule," which strongly resembled the legitimate Squid protocol. Squid’s co-founder, Fig, promptly addressed these concerns in a public post on X, unequivocally stating, "The contract called SquidRouterModule is unrelated to Squid." The official Squid account subsequently echoed this sentiment, clarifying that while the module shared a similar name, it had no direct connection to their infrastructure.

The project further elaborated that its core router remained entirely separate and unaffected, and its team had no prior knowledge of who deployed the compromised contract. They emphasized that the exploited module was built by a third party and had integrated with several protocols without any prior coordination or official endorsement from Squid. The team maintained that their systems remained secure throughout the event, unaffected by the breach.

This incident highlights a growing challenge within the decentralized ecosystem: the potential for naming conventions to mislead users and cause reputational damage to legitimate projects. In a space where trust is paramount, the accidental association with an exploit, even if tangential, can sow doubt. Squid, for its part, has a strong track record, having recently raised $6 million in a funding round led by North Island Ventures, with participation from Ripple, Dialectic, and Borderless. The protocol also boasts nine independent audits and a reported 99.99% uptime with no prior exploit incidents, underscoring its commitment to security and operational integrity. Despite this, the shared name created an immediate, albeit incorrect, link to the incident, demonstrating the subtle complexities of branding and security in a decentralized world.

The Gnosis Safe Ecosystem and the Risks of Modular Design

Gnosis Safe (now Safe) is a leading multi-signature smart contract wallet designed for enhanced security, particularly for managing significant cryptocurrency holdings by individuals, DAOs, and institutions. Its core strength lies in requiring multiple approvals (signatures) for transactions, significantly reducing the risk of single points of failure. A key feature of Gnosis Safe is its modular design, which allows users to extend its functionality by integrating various "modules." These modules can introduce new features, such as automated payments, spending limits, or interactions with specific DeFi protocols.

While modules offer immense flexibility and power, they also represent potential attack vectors. Each module integrated into a Safe essentially gains a degree of control or permission over the Safe’s assets. The security of a Gnosis Safe, therefore, becomes intrinsically linked to the security of every module it utilizes. The "SquidRouterModule" exploit serves as a stark reminder of the critical importance of rigorous auditing and due diligence for any third-party module interacting with a high-value wallet like Gnosis Safe. Users often rely on the perceived security of the core Gnosis Safe contract, but fail to fully vet the permissions and code quality of integrated modules. This incident underscores that the weakest link in a composable system can compromise the entire chain.
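To make the validation flaw described under "Unpacking the Exploit" and the module permission model above concrete, here is an added, constructed Solidity sketch that is neither the deployed SquidRouterModule's code nor Safe's own code: the weak pattern the analyses describe (a caller-supplied string standing in for authorization) beside a hardened module that hands authorization back to the Safe's owner signatures. The `ISafe` interface is an assumption matching Safe v1.3.0's public functions, and the contract and function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Subset of the Safe interface that modules use. Assumption: signatures match Safe v1.3.0;
// `operation` is declared uint8 because Enum.Operation is ABI-encoded as uint8.
interface ISafe {
    function execTransactionFromModule(address to, uint256 value, bytes calldata data, uint8 operation)
        external returns (bool success);
    // Reverts unless `threshold` owners have validly signed `dataHash`.
    function checkSignatures(bytes32 dataHash, bytes calldata data, bytes calldata signatures) external view;
}

// Constructed illustration of the flaw class: a caller-supplied string is the only "authorization",
// so anyone passing a non-empty proof can spend from every Safe that enabled the module.
contract UnsafeRouterModule {
    function execute(ISafe safe, address to, bytes calldata data, string calldata proof) external {
        require(bytes(proof).length != 0, "missing proof"); // checks presence, never authorship
        require(safe.execTransactionFromModule(to, 0, data, 0), "exec failed");
    }
}

// Hardened form: the module binds the action to chain, Safe, nonce and calldata, then asks the
// Safe itself to verify that its owners (at the Safe's threshold) signed exactly that digest.
contract SignedRouterModule {
    mapping(address => uint256) public nonces; // per-Safe replay protection kept by the module

    // Owners sign `digest` (an EOA signs the raw hash, or the eth_sign form with v+4 per Safe's
    // encoding convention; contract owners answer via EIP-1271 using the preimage passed as `data`).
    function digestFor(ISafe safe, address to, uint256 value, bytes calldata data, uint256 nonce)
        public view returns (bytes32)
    {
        return keccak256(abi.encode(address(this), block.chainid, address(safe), to, value, keccak256(data), nonce));
    }

    function execute(ISafe safe, address to, uint256 value, bytes calldata data, bytes calldata signatures) external {
        uint256 n = nonces[address(safe)]++;                // consumed before any external call
        bytes32 digest = digestFor(safe, to, value, data, n);
        safe.checkSignatures(digest, abi.encodePacked(digest), signatures); // reverts on bad or too few sigs
        require(safe.execTransactionFromModule(to, value, data, 0), "exec failed"); // 0 == Call, never DelegateCall
    }
}
```

Even the hardened module deserves review before a Safe enables it, because `execTransactionFromModule` bypasses the Safe's normal owner-approval path by design; the module's own checks are all that stands between the caller and the Safe's assets.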

Broader Context: The Alarming Trend of DeFi Exploits in 2026

The $3.2 million Gnosis Safe exploit is not an isolated incident but rather a sobering addition to a troubling trend of escalating losses within the DeFi sector in 2026. This year has already witnessed over $770 million in total losses due to hacks, exploits, and rug pulls across various decentralized platforms. April alone was particularly brutal, recording approximately 30 separate incidents that resulted in more than $630 million being drained from numerous protocols.

These figures paint a grim picture of the ongoing security challenges facing the nascent DeFi industry. Common attack vectors include:

  • Flash Loan Attacks: Manipulating asset prices on decentralized exchanges by taking out uncollateralized loans, executing rapid trades, and repaying the loan within a single transaction.
  • Re-entrancy Vulnerabilities: A flaw allowing an attacker to repeatedly withdraw funds from a smart contract before the balance is updated.
  • Oracle Manipulation: Tricking price oracles (which feed external data to smart contracts) to report incorrect asset values, leading to unfair liquidations or asset drains.
  • Private Key Compromise: Though less common for smart contract exploits, phishing or malware can lead to direct theft from user wallets.
  • Logic Errors and Access Control Flaws: Bugs in a contract’s code that grant unauthorized access or allow unintended operations, as seen in the Gnosis Safe module exploit.
  • Rug Pulls: Malicious developers abandoning a project and making off with investors’ funds, often by draining liquidity pools.

The persistent nature of these exploits highlights the inherent risks of open-source, immutable smart contracts operating with significant capital. While transparency is a core tenet of blockchain, it also means vulnerabilities, once discovered, can be rapidly exploited by sophisticated attackers.

Implications for Users and the DeFi Ecosystem

This incident carries significant implications for both individual users and the broader DeFi ecosystem:

  • Heightened Scrutiny for Third-Party Integrations: Users and projects integrating third-party modules or protocols must exercise extreme caution and perform thorough due diligence. Relying solely on a familiar name or perceived association is insufficient. Independent security audits, transparent code, and a clear understanding of the permissions granted to any integrated component are paramount.
  • The "Composability" Paradox: DeFi’s strength lies in its composability – the ability to combine different protocols like LEGO bricks. However, this also means that a vulnerability in one component can have cascading effects across the entire ecosystem. The "SquidRouterModule" exploit is a stark reminder that the security of a composite system is only as strong as its weakest link.
  • Evolving Threat Landscape: Attackers are continually refining their methods, utilizing advanced tools like Foundry and employing sophisticated obfuscation techniques with services like Tornado Cash. This necessitates a proactive and adaptive approach to security from all stakeholders.
  • The Burden of Responsibility: While core protocols like Gnosis Safe strive for maximum security, the ultimate responsibility often falls on the end-user to understand and vet the modules they choose to integrate. This can be a significant technical burden for the average crypto participant.
  • Call for Industry-Wide Standards: The incident underscores the need for more robust industry standards around module development, auditing, and clear disclaimers for integrations that are not officially sanctioned or rigorously vetted by the core protocol.
  • Challenges in Fund Recovery: The use of mixers like Tornado Cash and the rapid conversion of assets make fund recovery exceedingly difficult, if not impossible, for victims. This reinforces the "self-custody, self-responsibility" ethos of crypto but also highlights the need for better security infrastructure.

Looking Ahead: Enhancing Security Measures

The ongoing wave of DeFi exploits necessitates a multi-faceted approach to bolster security across the decentralized landscape. For protocols, this means:

  • Continuous Audits and Bug Bounties: Regular, independent security audits by reputable firms, coupled with robust bug bounty programs, are crucial for identifying and patching vulnerabilities before they can be exploited.
  • Formal Verification: Utilizing formal verification methods to mathematically prove the correctness of smart contract code can eliminate entire classes of vulnerabilities.
  • Clearer Module Vetting and Certification: Protocols offering modularity, like Gnosis Safe, could implement more stringent vetting processes or a tiered certification system for third-party modules, providing users with clearer guidance on trusted integrations.
  • Enhanced Monitoring and Incident Response: Real-time monitoring of smart contract activity and a well-drilled incident response plan are essential for rapid detection and mitigation of ongoing attacks.

For users, the lessons are equally clear:

  • Due Diligence is Non-Negotiable: Always verify the authenticity and security of any smart contract or module before interacting with it, especially when connecting a high-value wallet.
  • Understand Permissions: Be fully aware of the permissions you grant to smart contracts or modules.
  • Diversify Holdings: Avoid putting all assets into a single wallet or relying on a single set of integrations.
  • Stay Informed: Keep abreast of security advisories and best practices from trusted sources within the crypto community.

The Gnosis Safe module exploit serves as another potent reminder that while innovation in DeFi continues at an unprecedented pace, the imperative for robust security must evolve even faster. The collective efforts of developers, auditors, security firms, and informed users will be critical in building a more resilient and trustworthy decentralized future.
