When your brand gets pinned to an exploit you didn't write, deploy, or control, you learn the hard way that composability cuts both ways.

The Summary

The Signal

Squid, a cross-chain router protocol, spent the weekend playing defense after attackers drained $3.2 million through a Gnosis Safe module that bore its name but wasn't its code. The exploit hit 86 Safe wallets across Ethereum and Base in roughly two hours. The attackers moved fast, and security firms like Blockaid caught them mid-swap, converting stolen tokens into DAI for clean exits.

Here's the messy part: SquidRouterModule wasn't deployed by Squid. The protocol publicly stated it doesn't know who wrote or deployed the module. Safe Labs echoed the same defense. Both companies said their core systems were unaffected. Technically true. Reputationally? Different story.

"We don't know who deployed this."

This is the dark side of composability that doesn't get talked about enough. In Web3, anyone can deploy a contract, name it whatever they want, and hook it into modular infrastructure like Gnosis Safe. If that contract has a backdoor or sloppy access controls, users lose money. If that contract happens to share a brand name with a legitimate protocol, that protocol spends the next 72 hours explaining it wasn't them.

The exploit itself was surgical:

  • 86 wallets hit across two chains
  • Roughly 2-hour window from first drain to last
  • Immediate conversion to DAI for liquidity

Safe wallets are modular by design. You can bolt on modules for everything from social recovery to automated trading. That flexibility is the feature. But it also means users are trusting code they didn't audit, from developers they don't know, operating under brand names that may or may not be legitimate. The 86 people who lost money this weekend thought they were using something Squid-adjacent. They weren't.

The Implication

If you're building in Web3, start thinking about brand defense like it's a security layer. Squid can't stop someone from deploying SquidRouterModule. But protocols need monitoring infrastructure to flag lookalike contracts the moment they go live. Users need better tooling to verify what they're signing. Wallets need to surface module provenance before you click approve.

For users: treat third-party modules like you'd treat a sketchy browser extension. Just because it has the right name doesn't mean it has the right code. If you're adding a module to your Safe, verify the deployment address against official docs. If you can't find it listed anywhere, don't touch it.
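One way to turn the advice above into a pre-signing gate, written here as an added example (not Squid's or Safe's code): it decodes the calldata of a pending Safe transaction, recognises Safe's `enableModule(address)` self-call, and refuses unless the module address is on an allowlist the user has already confirmed against official docs. The allowlist entry and the sample calldata are constructed placeholders.

```python
from dataclasses import dataclass
from typing import Optional

# First 4 bytes of keccak256("enableModule(address)"), the Safe ModuleManager
# function a Safe must call on itself to bolt on a module.
ENABLE_MODULE_SELECTOR = bytes.fromhex("610b5925")

# Constructed allowlist: module addresses the user has already checked against a
# protocol's official docs. Placeholder value, not a real deployment.
TRUSTED_MODULES = {
    "0x1111111111111111111111111111111111111111": "placeholder: official module per docs",
}


@dataclass
class Verdict:
    ok: bool              # safe to sign as far as this check is concerned
    module: Optional[str]  # decoded module address, if the tx enables one
    reason: str


def decode_enable_module(calldata_hex: str) -> Optional[str]:
    """Return the module address if calldata is a well-formed enableModule(address) call."""
    raw = calldata_hex[2:] if calldata_hex.lower().startswith("0x") else calldata_hex
    try:
        data = bytes.fromhex(raw)
    except ValueError:
        return None
    # selector (4 bytes) + exactly one ABI word (32 bytes); anything else is not this call
    if len(data) != 36 or data[:4] != ENABLE_MODULE_SELECTOR:
        return None
    word = data[4:]
    if any(word[:12]):  # an ABI-encoded address is left-padded with 12 zero bytes
        return None
    return "0x" + word[12:].hex()


def check_safe_tx(to: str, safe: str, calldata_hex: str) -> Verdict:
    """Gate a Safe transaction: block module enablement unless the address is allowlisted."""
    module = decode_enable_module(calldata_hex)
    if module is None:
        return Verdict(True, None, "not an enableModule call; module check not applicable")
    if to.lower() != safe.lower():
        return Verdict(False, module, "enableModule must be a self-call on your Safe; target differs")
    if module.lower() in {a.lower() for a in TRUSTED_MODULES}:
        return Verdict(True, module, "module address matches your verified allowlist")
    return Verdict(False, module,
                   "module address not in allowlist; a familiar name is not evidence, verify the address")
```

The check is address-based on purpose: a module's displayed name is whatever its deployer chose, so only the deployment address, compared against the protocol's published list, carries any provenance.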

Sources

BeInCrypto | RWA Times | CoinTelegraph | The Block