Squid and Safe Labs say third-party module behind $3.2M exploit
A third-party Safe module called SquidRouterModule drained $3.2 million from 86 Ethereum and Base wallets in two hours. The exploit, unrelated to Squid's core protocol, exploited a vulnerability allowing attackers to impersonate delegates and trigger unauthorized token swaps. Safe Labs flagged the module as malicious, highlighting risks from unvetted wallet extensions for Indian investors using multi-sig wallets.
Key takeaways
- 1A third-party SquidRouterModule drained $3.2 million from 86 Safe wallets across Ethereum and Base in two hours.
- 2The vulnerability allowed attackers to impersonate delegates and trigger unauthorized token swaps via unvetted wallet modules.
- 3Safe Labs' Safe Shield feature had already flagged the malicious module, but users who ignored warnings lost funds.
Coins in this story
Why it matters
Indian retail investors using multi-signature wallets must verify module legitimacy before granting execution permissions, as unvetted third-party extensions pose direct fund-loss risks regardless of core protocol security.
Explore how Regulation is shaping crypto markets — aggregated stories, leading coins, and weekly momentum.
Explore narrativeRelated stories
Pope Leo Releases First AI Encyclical, Calls Data a Common Good and Rejects Moral Neutrality of Tech
Pope Leo's first AI encyclical declares data a common good and rejects technology's moral neutrality, signaling institutional scrutiny of crypto and blockchain innovation. The Vatican's stance emphasizes ethical governance over unfettered digital advancement, potentially influencing regulatory frameworks globally. For Indian crypto investors, this reflects growing institutional pressure for responsible development, affecting long-term market sentiment and compliance expectations across exchanges.
