# 駭客攻擊了名稱相似的第三方軟體。 *web3 · news · 2026-05-25 · U.Today* ## Key points - 遭入侵的是名為SquidRouterModule的第三方模組,而非主協議Squid Router。 - 以太坊和Base上的86個Gnosis Safe地址在不到兩小時內損失了307萬DAI。 - 該漏洞使攻擊者能因受信任合約的嚴重漏洞而冒充代理人。 - Squid Router的官方合約及超過100個網絡上的用戶資金完全未受影響。 - 此次攻擊發生時,正值Squid Router宣布獲得Ripple及其他投資者600萬美元的融資。 Cross-chain platform Squid Router, which recently raised $6 million from Ripple, mistakenly found itself at the center of a scandal due to a hacker attack on third-party software with a similar name. Initial reports on social media claimed that $3 million had been stolen from the protocol, but on-chain analysis and official statements from the developers refuted these rumors. As revealed from reports by Blockaid and PeckShield, due to a critical vulnerability in the code of the third-party SquidRouterModule module, the attacker was able to bypass the security check using a publicly available text string and impersonate a trusted delegate. Since the affected users had previously added this defective contract to their wallets as trusted, the hacker gained the right to spend their assets without personal signatures. Through Uniswap V3, the hacker forcibly swapped the victims' real tokens for fake tokens, then extracted liquidity and withdrew the funds to wallet "0xA447...54859". As a result, the hacker drained 86 Gnosis Safe addresses across Ethereum and Base in just two hours, stealing 3.07 million DAI. Why is Squid Router not involved? The panic in the media arose solely because of the name of the vulnerable contract. The Squid Router team and its co-founder known online as "fig" quickly stated that the SquidRouterModule contract belongs to an unknown third-party smart wallet that integrated Squid without the developers' knowledge. The platform's original contract, "0xce16F69375520ab01377ce7B88f5BA8C48F8D666", has a different architecture and was not affected. User funds and approvals across all 100+ networks are fully safe. The attempt to damage Squid's reputation happened at the moment of the project's maximum media rise: on May 22, the platform announced a strategic $6 million round from Ripple, North Island Ventures and angels from Axelar and Ledger. These funds are aimed at expanding the ecosystem, which since 2023 has already processed more than $6 billion in volume for one million users. The incident has no impact on the operations, infrastructure or development plans of the legitimate DeFi protocol. **Companies:** Ripple [Read the full story on U.Today](https://u.today/no-ripple-backed-ethereum-defi-protocol-squid-router-isnt-drained-for-3-million) --- Canonical: https://newsio.io/zh-TW/n/92aad443-6832-422c-af1e-502d22c73134/300 Summarized by Newsio from U.Today. https://newsio.io/how-it-works