No, Ripple-Backed Ethereum DeFi Protocol Squid Router Isn't Drained for $3 Million

TL;DR

Squid Router, a DeFi protocol backed by Ripple, was falsely accused of being drained for $3 million due to a hacker attack on a third-party module. The developers confirmed that user funds are safe and the incident is unrelated to Squid Router's core protocol.

Key points

Squid Router raised $6 million from Ripple.
False claims of a $3 million hack were due to a third-party module.
User funds are safe and unaffected by the incident.

Mentioned in this story

RippleSquid RouterEthereumBase

Gnosis SafeUniswap V3

Cross-chain platform Squid Router, which recently raised $6 million from Ripple, mistakenly found itself at the center of a scandal due to a hacker attack on third-party software with a similar name. Initial reports on social media claimed that $3 million had been stolen from the protocol, but on-chain analysis and official statements from the developers refuted these rumors. As revealed from reports by Blockaid and PeckShield, due to a critical vulnerability in the code of the third-party SquidRouterModule module, the attacker was able to bypass the security check using a publicly available text string and impersonate a trusted delegate. Since the affected users had previously added this defective contract to their wallets as trusted, the hacker gained the right to spend their assets without personal signatures.

*SquidRouterModule hacker wallet, Source: Peckshield Alert citing* *Etherscan* Through Uniswap V3, the hacker forcibly swapped the victims' real tokens for fake tokens, then extracted liquidity and withdrew the funds to wallet "0xA447...54859". As a result, the hacker drained 86 Gnosis Safe addresses across Ethereum and Base in just two hours, stealing 3.07 million DAI.

Why is Squid Router not involved?

The panic in the media arose solely because of the name of the vulnerable contract. The Squid Router team and its co-founder known online as "fig" quickly stated that the SquidRouterModule contract belongs to an unknown third-party smart wallet that integrated Squid without the developers' knowledge. The platform's original contract, "0xce16F69375520ab01377ce7B88f5BA8C48F8D666", has a different architecture and was not affected. User funds and approvals across all 100+ networks are fully safe.

Q&A

What happened with the Squid Router DeFi protocol?

Squid Router faced false accusations of being drained for $3 million after a hacker exploited a vulnerability in a third-party module, not related to the protocol itself.

How did the hacker exploit the vulnerability in Squid Router?

The hacker bypassed security checks in the third-party SquidRouterModule by impersonating a trusted delegate, allowing them to drain funds from affected users' wallets.

Are user funds safe after the Squid Router incident?

Yes, the Squid Router team confirmed that all user funds and approvals across their networks are fully safe and unaffected by the incident.