# A hacker attacked a third-party software with a similar name. *web3 · news · 2026-05-25 · U.Today* ## Key points - A third-party module named SquidRouterModule—not Squid Router—was compromised, not the main protocol. - 86 Gnosis Safe addresses on Ethereum and Base lost 3.07 million DAI in under two hours. - The exploit allowed attackers to impersonate a delegate due to a critical vulnerability with trusted contracts. - Squid Router's official contract and user funds across 100+ networks were completely unaffected. - The attack coincided with Squid Router's $6 million funding announcement from Ripple and other investors. Cross-chain platform Squid Router, which recently raised $6 million from Ripple, mistakenly found itself at the center of a scandal due to a hacker attack on third-party software with a similar name. Initial reports on social media claimed that $3 million had been stolen from the protocol, but on-chain analysis and official statements from the developers refuted these rumors. As revealed from reports by Blockaid and PeckShield, due to a critical vulnerability in the code of the third-party SquidRouterModule module, the attacker was able to bypass the security check using a publicly available text string and impersonate a trusted delegate. Since the affected users had previously added this defective contract to their wallets as trusted, the hacker gained the right to spend their assets without personal signatures. Through Uniswap V3, the hacker forcibly swapped the victims' real tokens for fake tokens, then extracted liquidity and withdrew the funds to wallet "0xA447...54859". As a result, the hacker drained 86 Gnosis Safe addresses across Ethereum and Base in just two hours, stealing 3.07 million DAI. Why is Squid Router not involved? The panic in the media arose solely because of the name of the vulnerable contract. The Squid Router team and its co-founder known online as "fig" quickly stated that the SquidRouterModule contract belongs to an unknown third-party smart wallet that integrated Squid without the developers' knowledge. The platform's original contract, "0xce16F69375520ab01377ce7B88f5BA8C48F8D666", has a different architecture and was not affected. User funds and approvals across all 100+ networks are fully safe. The attempt to damage Squid's reputation happened at the moment of the project's maximum media rise: on May 22, the platform announced a strategic $6 million round from Ripple, North Island Ventures and angels from Axelar and Ledger. These funds are aimed at expanding the ecosystem, which since 2023 has already processed more than $6 billion in volume for one million users. The incident has no impact on the operations, infrastructure or development plans of the legitimate DeFi protocol. **Companies:** Ripple [Read the full story on U.Today](https://u.today/no-ripple-backed-ethereum-defi-protocol-squid-router-isnt-drained-for-3-million) --- Canonical: https://newsio.io/n/92aad443-6832-422c-af1e-502d22c73134/a-hacker-attacked-a-third-party-software-with-a-similar-name-initial-reports-on Summarized by Newsio from U.Today. https://newsio.io/how-it-works