Squid:安全事件与 Squid 核心协议及合约无关,所有 Squid 用户及集成方均未受影响
ChainCatcher 消息,Squid 在 X 平台发文表示,此次事件与 Squid 核心协议及合约无关,所有 Squid 用户及集成方均未受影响,无需采取任何行动。Base 与 Ethereum 网络上一个第三方 Gnosis Safe 模块遭到攻击,损失约 320 万美元。该漏洞合约在 Basescan 上验证名称为 “SquidRouterModule”,但该合约并非由 Squid 构建、部署或运营,而是一个选择集成 Squid 及其他协议的第三方智能钱包产品,且与 Squid 无联系。
攻击原理为该第三方模块接受调用者提供的常量字符串作为消息安全证明,该字符串在已验证合约代码中公开可见,攻击者输入后即可执行任意 calldata 数组,随意窃取资金。受害者的 Safe 钱包将该问题合约添加为受信任 Safe Module,使该合约无需签名即可支配 Safe 内任意代币。Squid 自有路由合约 (0xce16...D666) 架构不同,未受影响,Squid 用户资金、授权及集成均完全安全。
早期公开报道或因 Basescan 上的合约验证名称提及 “SquidRouter”,准确表述应为:第三方 SquidRouterModule 遭攻击,而非 Squid 的 Router 合约。该合约名称与 Squid 相同,但非 Squid 代码。Squid 正持续监控事态,如有重大变化将更新信息。
Disclaimer: OKX Orbit content is provided for informational purposes only. Learn more
Replies
Related Flash News
币界网•26m agoTom Lehman: Promoting EIP-8182 inclusion in the Ethereum Hegota upgrade
ChainCatcher•2h agoData: A certain Ethereum presale address liquidated, holding $620 principal for over 10 years has appreciated by about 6,800 times
Odaily•2h ago$620 turned into $4.2 million, an address held 2,000 ETH for over 10 years before transferring
Blockbeats•2h agoAnalysis: If Garrett Jin refuses to trade ETH, he could have gained over $70 million in unrealized gains, but his current losses have reached $128 million
Blockbeats•2h agoBitcoin ETFs have seen over $2 billion in outflows in two weeks, but analysts say "institutional funds have not left."
ChainCatcher•3h agoBlockaid: SquidRouterModule suspected of being attacked, 86 Gnosis Safe wallets were stolen for approximately $3 million within about 2 hours
ChainCatcher•4h agoPeckShield:WUSD/GLOVE 遭攻击损失约 20.7 万美元
币界网•5h agoEthereum's price has formed a bearish roundtop structure, facing downward pressure
Blockbeats•5h agoA dormant ETH early-stage whale who had been dormant for 10.8 years awakened, earning over 6,800 times in profit
Blockbeats•9h agoThe Solana ecosystem meme coin ASTEROID rebounded 48% intraday, while the Ethereum ecosystem version experienced slight pressure and pulled back
