Squid Denies Role in $3.2 Million Gnosis Safe Module Exploit

Ethan Brooks

Opening

A third-party module connected to the Gnosis Safe ecosystem was exploited across Ethereum and Base networks, draining approximately $3.2 million from 86 different Safes in two hours. The vulnerable contract, verified on Basescan as "SquidRouterModule," initially sparked confusion due to its name association with Squid protocol. However, Squid clarified that the contract was not built, deployed, or operated by the project, and that the module independently integrated with Squid and other protocols without direct project involvement. Security firms Blockaid and PeckShield were among the first to report details of the incident, which exploited a flaw in the module's signature verification mechanism.

Exploit Mechanics

The vulnerable module accepted a caller-supplied constant string as proof that a transaction message was secure. By passing this value, attackers were able to bypass signature verification mechanisms and execute arbitrary call data from victim wallets. This flaw gave attackers the ability to spend tokens held in affected Safes without requiring legitimate wallet approvals.

Security researchers determined that the exploit relied on Foundry-based exploit contracts that targeted the module's DelegateBundler execution path. According to Blockaid, the attackers impersonated authorized delegates tied to each Safe and initiated arbitrary token swaps through Uniswap V3 liquidity pools.
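The flaw class described above, as an added illustration that is not the SquidRouterModule's code and makes no claim about its internals: a hypothetical module that accepts a public constant as "proof" (so anyone can drive the Safe), beside a hardened version that recovers an ECDSA signer and checks it against delegates the Safe itself registered, with chain id, module address, Safe address and a per-Safe nonce bound into the signed digest to block replay. The `ISafe` interface and the `exec` function names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical illustration of the flaw class, not the real module's code.
interface ISafe {
    function execTransactionFromModule(address to, uint256 value, bytes calldata data, uint8 operation)
        external returns (bool);
}

contract WeakModule {
    // Flaw: a publicly readable constant is the only "proof"; it ties nothing
    // to msg.sender, the Safe's owners, or the call data being authorized.
    bytes32 public constant MAGIC = keccak256("trusted");

    function exec(ISafe safe, address to, bytes calldata data, bytes32 proof) external {
        require(proof == MAGIC, "bad proof"); // trivially satisfiable by any caller
        safe.execTransactionFromModule(to, 0, data, 0);
    }
}

contract HardenedModule {
    mapping(address => mapping(address => bool)) public isDelegate; // safe => delegate => allowed
    mapping(address => uint256) public nonce;                       // per-Safe replay protection

    // Only the Safe itself (via an owner-approved transaction) can manage its delegates.
    function setDelegate(address delegate, bool allowed) external {
        isDelegate[msg.sender][delegate] = allowed;
    }

    function exec(ISafe safe, address to, bytes calldata data, bytes calldata sig) external {
        // Digest binds chain, module, Safe, target, call data and nonce: no cross-chain
        // or cross-Safe reuse, and each signature spends exactly once.
        bytes32 digest = keccak256(abi.encode(
            block.chainid, address(this), address(safe), to, keccak256(data), nonce[address(safe)]++));
        bytes32 ethHash = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", digest));
        address signer = recover(ethHash, sig);
        require(signer != address(0) && isDelegate[address(safe)][signer], "not a delegate");
        require(safe.execTransactionFromModule(to, 0, data, 0), "exec failed");
    }

    function recover(bytes32 h, bytes calldata sig) internal pure returns (address) {
        if (sig.length != 65) return address(0);
        bytes32 r = bytes32(sig[0:32]);
        bytes32 s = bytes32(sig[32:64]);
        uint8 v = uint8(sig[64]);
        if (v < 27) v += 27;
        // Reject high-s values so each message has a single canonical signature.
        if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) return address(0);
        return ecrecover(h, v, r, s);
    }
}
```

When reviewing any Safe module, the check is the same: trace the authorization input back to a signature or an on-chain allowlist controlled by the Safe, not to a value the caller can simply read and supply.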

Asset Conversion and Current Status

The stolen assets were converted into an attacker-created worthless token known as "u" through specially seeded liquidity pools controlled by the exploiter. After routing the assets through these pools, the attacker removed liquidity and consolidated the proceeds into approximately 3.07 million DAI. PeckShield stated that the funds are currently being held in a wallet beginning with "0xa447...54859."

Squid's Clarification

Squid criticized earlier public reporting that incorrectly linked the attack directly to its protocol. Squid's pseudonymous co-founder, Fig, said the compromised module had nothing to do with Squid's core infrastructure. According to the team, the protocol's primary router architecture has always been entirely separate and was not affected by the attack. Squid explained that the vulnerable contract merely shared the Squid name and independently integrated several protocols, including Squid, without the project's direct involvement.
