{"id":97459,"date":"2026-05-25T17:03:26","date_gmt":"2026-05-25T14:03:26","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=97459"},"modified":"2026-05-25T17:05:17","modified_gmt":"2026-05-25T14:05:17","slug":"squid-denies-involvement-in-3-million-contract-breach","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/squid-denies-involvement-in-3-million-contract-breach\/","title":{"rendered":"Squid Denies Involvement in $3 Million Contract Breach"},"content":{"rendered":"<p>The developers of the cross-chain bridge Squid have denied any involvement with the SquidRouterModule contract, which was breached for approximately $3 million. The security incident was reported by experts at Blockaid.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">\ud83d\udea8 Blockaid detected an ongoing exploit targeting the SquidRouterModule on Ethereum and Base.<\/p>\n<p>86 Gnosis Safes drained for ~$3M in ~2 hours. <br \/>All stolen tokens swapped to DAI via attacker-controlled Uniswap V3 pools.<br \/>More details in \ud83e\uddf5<\/p>\n<p>\u2014 Blockaid (@blockaid_) <a href=\"https:\/\/twitter.com\/blockaid_\/status\/2058875782810726556?ref_src=twsrc%5Etfw\">May 25, 2026<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to their information, the attack affected 86 wallets on the Ethereum and Base networks. It was also <a href=\"https:\/\/x.com\/PeckShieldAlert\/status\/2058887446268645747\">reported<\/a> by PeckShieldAlert. Their data indicates that the attacker funded the address through Tornado Cash with 2.1 ETH and exchanged the stolen funds for 3 million DAI.<\/p>\n<p>Squid stated that hackers breached a third-party Gnosis Safe module. The vulnerable contract is registered on Basescan as SquidRouterModule, but it is not associated with the main project. It is a third-party product in the form of a smart wallet that chose to integrate with Squid.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">This incident is unrelated to Squid\u2019s core protocol and contracts. All Squid users and integrators are unaffected and no action is needed.<\/p>\n<p>A third-party Gnosis Safe module was exploited today across Base and Ethereum, resulting in approximately $3.2M in losses. The vulnerable\u2026 <a href=\"https:\/\/t.co\/I3gGmdBvE9\">https:\/\/t.co\/I3gGmdBvE9<\/a><\/p>\n<p>\u2014 squid (@squidrouter) <a href=\"https:\/\/twitter.com\/squidrouter\/status\/2058890710611276238?ref_src=twsrc%5Etfw\">May 25, 2026<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThe attack succeeded because the third-party module accepted a provided fixed string as message security confirmation. By passing it, one could execute an array of arbitrary call data and steal funds,\u201d the developers stated.<\/p>\n<\/blockquote>\n<p>Users of Safes added the vulnerable contract as a trusted module, granting it the right to spend any tokens without a signature. Squid&#8217;s own router (0xce16F69375520ab01377ce7B88f5BA8C48F8D666) has a different architecture and was not affected.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThis contract bears our name but is not our code,\u201d Squid concluded.<\/p>\n<\/blockquote>\n<h2 class=\"wp-block-heading\">Investments<\/h2>\n<p>Days before the incident, Squid announced securing $6 million in funding. The project is a cross-chain infrastructure platform initially developed within the Axelar ecosystem.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We are proud to announce that Squid has raised $6M in funding round led by North Island Ventures and backed by strategic investors!<\/p>\n<p>Our new chapter has begun, with more news coming soon. Today we celebrate and say thank you. CHEERS \ud83d\udcab <a href=\"https:\/\/t.co\/4xzUCt8eEa\">pic.twitter.com\/4xzUCt8eEa<\/a><\/p>\n<p>\u2014 squid (@squidrouter) <a href=\"https:\/\/twitter.com\/squidrouter\/status\/2057894019082973564?ref_src=twsrc%5Etfw\">May 22, 2026<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>North Island Ventures led the funding round, with participation from Ripple, Dialectic, and Borderless.<\/p>\n<p>In total, the project has raised $13.5 million \u2014 $3.5 million in 2023 and $4 million in 2024.<\/p>\n<p>Since its launch in 2023, the platform has processed over 4 million transactions totaling more than $6 billion. It has served 1 million users through its own application and partner integrations.<\/p>\n<p>Squid generates revenue through corporate services and plans to introduce transaction fees. Existing tools allow asset transfers between different blockchains such as Bitcoin, Ethereum, Solana, Cosmos, and XRP Ledger.<\/p>\n<p>The developers of the latter are official partners of Squid in bridge creation, managing a network validator and participating in project governance.<\/p>\n<p>Back in April, an unknown individual <a href=\"https:\/\/forklog.com\/en\/news\/hacker-breaches-hyperbridge-mints-1-billion-polkadot-tokens\">exploited a vulnerability<\/a> in the Hyperbridge cross-chain bridge smart contract, gained administrator rights, and issued 1 billion DOT.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The developers of the cross-chain bridge Squid have denied any involvement with the SquidRouterModule contract, which was breached for approximately $3 million.<\/p>\n","protected":false},"author":1,"featured_media":97460,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Squid denies involvement in $3M contract breach, citing third-party module vulnerability.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1210,44,1111],"class_list":["post-97459","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cross-chain-protocols","tag-cybercrime","tag-cybersecurity"],"aioseo_notices":[],"amp_enabled":true,"views":"15","promo_type":"1","layout_type":"1","short_excerpt":"Squid denies involvement in $3M contract breach, citing third-party module vulnerability.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97459","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=97459"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97459\/revisions"}],"predecessor-version":[{"id":97461,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97459\/revisions\/97461"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/97460"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=97459"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=97459"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=97459"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}