Ripple News: Squid Raised $6 Million With Ripple Backing, Then Lost Half of It to a Hack Less Than 24 Hours Later

Ripple News: Squid Crypto closed a $6 million strategic funding spherical led by North Island Ventures with participation from Ripple on May 25, 2026, and inside lower than 24 hours, an attacker drained $3 million from the protocol.

The exploit hit a third-party liquidity aggregation module built-in into Squid’s cross-chain swap infrastructure, not the audited core contracts.

Squid’s official response has been to distance itself from the breach completely, stating the crew doesn’t know who deployed the precise module chargeable for the drain.

(*24*)

Blockaid detected an ongoing exploit concentrating on the SquidRouterModule on Ethereum and Base.

86 Gnosis Safes drained for ~$3M in ~2 hours.
All stolen tokens swapped to DAI by way of attacker-controlled Uniswap V3 swimming pools.
More particulars in

— Blockaid (@blockaid_) May 25, 2026

Squid operates as a meta-DEX and chain-abstraction protocol, routing cross-chain swaps throughout a number of networks via aggregated liquidity layers.

The $6M elevate was positioned as a catalyst for increasing that interoperability infrastructure, with Ripple’s involvement framed as a strategic alignment with its broader cross-chain and funds roadmap. That narrative collapsed inside a single information cycle.

Discover: The Best Crypto to Diversify Your Portfolio

Ripple News: How the Squid Crypto Exploit Worked: The Third-Party Module Vulnerability

The assault vector was a peripheral liquidity aggregation module that Squid had just lately built-in to facilitate cross-chain swap routing, a element sitting outdoors the protocol’s audited core contract suite.

The attacker exploited manipulated value feeds or misconfigured entry permissions inside this module to siphon property instantly, bypassing the safety controls that ruled Squid’s major contracts.

This is a structural sample that has surfaced repeatedly throughout DeFi exploit historical past: audits cowl submitted elements, not the total dependency tree.

The module in query was a third-party integration layer, which means its belief assumptions, permission logic, and oracle dependencies have been by no means subjected to the identical scrutiny as Squid’s native code.

(*24*)

This incident is unrelated to Squid’s core protocol and contracts. All Squid customers and integrators are unaffected and no motion is required.

A 3rd-party Gnosis Safe module was exploited at present throughout Base and Ethereum, leading to roughly $3.2M in losses. The susceptible… https://t.co/I3gGmdBvE9

— squid (@squidrouter) May 25, 2026

Squid Router’s ResponseSquid Router rapidly issued a assertion distancing itself from the exploit. The crew clarified that the drained funds got here from a third-party Gnosis Safe module referred to as

SquidRouterModule, which was neither constructed, deployed, nor operated by them. They emphasised that their core router contract remained unaffected and that each one commonplace Squid customers and integrators have been secure.

The crew famous the module had built-in with Squid alongside different protocols with none direct involvement from Squid, and urged the group to keep away from conflating the 2 due to comparable naming. No motion was required from Squid customers.

Discover: The Best Token Presales

The publish Ripple News: Squid Raised $6 Million With Ripple Backing, Then Lost Half of It to a Hack Less Than 24 Hours Later appeared first on Cryptonews.