Hodler — Crypto Portfolio Tracker and Analytics

Nova Merged DAI (zkLink) | DAI

$0.00

Coin info

Rank
#36064
Market Cap
$0.00
Volume (24h)
$0.00
Circulating Supply
0
Total Supply
0

Rank
Market Cap
Volume (24h)
Circulating Supply
Total Supply

Do you think the price will rise or fall?

Rise 40%

Fall 60%

About Nova Merged DAI (zkLink)

Nova's merged DAI leverages unified liquidity across multiple Layer 2 networks, optimizing asset utilization and efficiency.

Price perfomance

$0.00

$∞

Range 24H

$∞

Depth of Market

Depth +2%

Depth -2%

We recommend

News

7 Jun 2026, 16:32
Ethereum Slides Near $1,630 as Lubin Defends $259M DAI Vault, NFT Floors Crater 28%
Ethereum News Consensys CEO Joe Lubin pushed back this weekend against mounting criticism over budget cuts, staff exits and leadership changes at the Ethereum Foundation, framing the restructuring ...
- $1.7K+2.25%
- $0.99952+0.01%
26 May 2026, 14:55
Ripple News: Squid Raised $6 Million With Ripple Backing, Then Lost Half of It to a Hack Less Than 24 Hours Later
Ripple News: Squid Crypto closed a $6 million strategic funding round led by North Island Ventures with participation from Ripple on May 25, 2026, and within less than 24 hours, an attacker drained $3 million from the protocol. The exploit hit a third-party liquidity aggregation module integrated into Squid’s cross-chain swap infrastructure, not the audited core contracts. Squid’s official response has been to distance itself from the breach entirely, stating the team does not know who deployed the specific module responsible for the drain. Blockaid detected an ongoing exploit targeting the SquidRouterModule on Ethereum and Base. 86 Gnosis Safes drained for ~$3M in ~2 hours. All stolen tokens swapped to DAI via attacker-controlled Uniswap V3 pools. More details in — Blockaid (@blockaid_) May 25, 2026 Squid operates as a meta-DEX and chain-abstraction protocol, routing cross-chain swaps across multiple networks through aggregated liquidity layers. The $6M raise was positioned as a catalyst for expanding that interoperability infrastructure, with Ripple’s involvement framed as a strategic alignment with its broader cross-chain and payments roadmap. That narrative collapsed inside a single news cycle. Source: Cryptorank Discover: The Best Crypto to Diversify Your Portfolio Ripple News: How the Squid Crypto Exploit Worked: The Third-Party Module Vulnerability The attack vector was a peripheral liquidity aggregation module that Squid had recently integrated to facilitate cross-chain swap routing, a component sitting outside the protocol’s audited core contract suite. The attacker exploited manipulated price feeds or misconfigured access permissions within this module to siphon assets directly, bypassing the security controls that governed Squid’s primary contracts. Drain Tx / Source: Etherscan This is a structural pattern that has surfaced repeatedly across DeFi exploit history: audits cover submitted components, not the full dependency tree. The module in question was a third-party integration layer, meaning its trust assumptions, permission logic, and oracle dependencies were never subjected to the same scrutiny as Squid’s native code. This incident is unrelated to Squid’s core protocol and contracts. All Squid users and integrators are unaffected and no action is needed. A third-party Gnosis Safe module was exploited today across Base and Ethereum, resulting in approximately $3.2M in losses. The vulnerable… https://t.co/I3gGmdBvE9 — squid (@squidrouter) May 25, 2026 Squid Router’s ResponseSquid Router quickly issued a statement distancing itself from the exploit. The team clarified that the drained funds came from a third-party Gnosis Safe module called SquidRouterModule, which was neither built, deployed, nor operated by them. They emphasized that their core router contract remained unaffected and that all standard Squid users and integrators were safe. The team noted the module had integrated with Squid alongside other protocols without any direct involvement from Squid, and urged the community to avoid conflating the two due to similar naming. No action was required from Squid users. Discover: The Best Token Presales The post Ripple News: Squid Raised $6 Million With Ripple Backing, Then Lost Half of It to a Hack Less Than 24 Hours Later appeared first on Cryptonews .
- $1.7K+2.25%
- $0.99952+0.01%
25 May 2026, 16:02
Gnosis Safe users lose $3.2M in Base and Ethereum exploit
Security warnings issued on May 25, 2026, indicate that about $3.2 million has been siphoned from 86 Gnosis Safes in just two hours. This is via the Base and Ethereum blockchain networks. The vulnerability exploited a smart contract called “SquidRouterModule.” It caused instant confusion in the crypto community due to its similar name to the official Squid Router network. According to reports, the stolen funds were instantly converted into approximately $3 million in DAI tokens via the attacker-controlled Uniswap V3 pools. The hacker used the wallet address 0xA447…54859, which was previously sent 2.1 ETH via TornadoCash. 86 Gnosis safes targeted in a new hack Security firms such as PeckShield and Blockaid were the first to detect this exploit. In the report by PeckShield, the details of the SquidRouterModule exploit were provided, along with the actual flow of funds. This included not only the use of TornadoCash but also exchanging all tokens for DAI. #PeckShieldAlert The SquidRouterModule has been exploited for ~$3M in assets. The exploiter, who was originally funded with 2.1 $ETH from #TornadoCash , has swapped the stolen funds for ~3M $DAI . The stolen assets are currently sitting in the exploiter's wallet 0xA447…54859 pic.twitter.com/RAmpIZQhQh — PeckShieldAlert (@PeckShieldAlert) May 25, 2026 In its report, Blockaid mentioned that 86 Gnosis Safes had been exploited in less than two hours, and all tokens exchanged using liquidity pools controlled by the attacker. Previously, users had authorized these contracts within their Gnosis Safes with elevated privileges, without requiring user signatures. The root cause lies in the design of the third-party Gnosis Safe module itself. The contract, audited by Basescan and named SquidRouterModule, would accept an immutable string provided by the caller as proof of the message’s security. As this string was clearly visible in the publicly available source code, it became possible to bypass all security measures. Following the provision of the string, the module allowed the execution of calldata provided within an array. The fact that the module had already been whitelisted as a legitimate Safe Module by the victims enabled the attacker to withdraw funds from the Gnosis Safes regardless of the token type. The legitimate Squid Router contract (0xce16F69375520ab01377ce7B88f5BA8C48F8D666) uses a completely different architecture and has not been affected by this attack. Squid Router distances itself from the hack incident Squid Router’s official X account did not take long before setting the record straight. In its statement, the company made clear that the exploited contract was not built, deployed, or managed by Squid. It was identified as a smart wallet by another third party that decided to integrate with Squid and other projects, but never contacted the Squid team. The team explained that there was nothing related to the core Squid protocol or its contracts regarding this incident. In addition, not all Squid users and integrators are affected. Moreover, Squid highlighted that initial public information could erroneously refer to SquidRouter based solely on the name of the exploited contract available on Basescan. Binance’s CZ calls on devs to fix hack problems As a clear indication of how increasingly vulnerable the crypto space has become in its supply chain, the founder of Binance, Changpeng Zhao (also known as CZ), has called for developers to swap their API keys after a GitHub data breach. As reported by Cryptopolitan, CZ urged that if users have API keys in their code, even private repos, now is the time to double-check and change them. This is due to the risk of exposed API keys in the event of a breach, as they could be used by trading bots, DeFi protocols, analytics platforms, and other related services. The smartest crypto minds already read our newsletter. Want in? Join them .
25 May 2026, 15:35
Here’s how attackers drained $3.2M from Safe wallets on Ethereum and Base
A vulnerability tied to a third-party Safe wallet module has led to the theft of about $3.2 million across Ethereum and Base after attackers exploited delegated execution permissions to drain dozens of smart accounts within roughly two hours. Blockchain security firm Blockaid said the exploit targeted a contract identified as SquidRouterModule, affecting at least 86 Gnosis Safe wallets, before the stolen assets were converted into Dai through attacker-controlled Uniswap V3 pools. https://twitter.com/blockaid_/status/2058875782810726556 Data shared by the firm showed that the attacker later consolidated the proceeds into a wallet holding roughly 3.07 million DAI. On-chain records linked by Blockaid identified the exploiter address as 0x9bdc730183821b6bb2b51be30b77c964fa645b91 . Etherscan data cited by Lookonchain showed the address had been funded through Tornado Cash and recorded 52 transactions on May 25. https://twitter.com/PeckShieldAlert/status/2058887446268645747? The same investigation also traced one example drain transaction executed at 06:25 UTC, where stolen assets, including USDC, ENA, and USDT, were routed through Uniswap V3 liquidity pools before conversion. How was the exploit executed? Early findings from Blockaid suggested the exploit originated from a flaw inside the executeSameChainActions() function of the third-party module rather than from Safe’s core infrastructure. According to the firm, the attacker deployed Foundry-based exploit contracts that abused the module’s DelegateBundler execution path to impersonate authorized delegates connected to victim wallets. Once the verification checks were bypassed, the attacker could trigger arbitrary swaps directly from the affected Safes without needing the normal multisignature approvals required by the wallet system. Blockaid said the exploit allowed the attacker to exchange legitimate assets for a worthless attacker-created token identified as “u,” before liquidity was removed and the proceeds were converted into DAI. Delegate impersonation suspected in module exploit Further technical analysis shared by SlowMist founder Cos suggested the issue was not tied to compromised private keys. In a translated post on X, Cos said sampled victim wallets were mostly configured as single-signature Safes owned by different users, while the real weakness appeared to come from vulnerable wallet modules attached to those accounts. According to Cos, attackers were able to forge messages and bypass module verification checks, allowing unauthorized redemption and transfer operations from the targeted Safe wallets. The researcher also pointed to the same consolidation wallet identified by Blockaid, where the stolen funds were reportedly settled. Attacker’s wallet holding DAI. Source: Etherscan. The exploit basically relied on how Safe modules operate inside smart contract wallets. Unlike standard Safe transactions that require multiple owner approvals, modules can execute actions directly once users grant them trusted permissions. The flaw inside the SquidRouterModule appeared to stem from improper identity validation, which allegedly allowed malicious payloads to masquerade as approved delegates. Because the module already possessed broad execution permissions inside the connected wallets, the forged requests were reportedly treated as legitimate instructions by the Safe contracts themselves. Affected wallets not linked to Safe Safe Labs CEO Rahul Rumalla later said the compromised accounts “do not seem to be operated on official Safe Wallet product,” adding that investigators still do not know where the wallets were originally created and managed. https://twitter.com/rsquare/status/2058901005664690228 Rumalla stated that the affected wallets were likely deployed through external integrations rather than through Safe’s official interface. Rumalla also said Safe Shield, the company’s built-in warning system powered by Blockaid, had already identified the module as malicious before the incident. According to him, the protection system alerts users when unverified modules or guards request dangerous permissions. Squid denies involvement Meanwhile, Squid denied that its own routing infrastructure or core contracts had been breached. In a statement posted on X, the team said the exploited contract merely shared the SquidRouterModule name and had no connection to Squid’s production router architecture. The protocol added that all Squid users and integrators remained unaffected, while describing the incident as a third-party smart-wallet module exploit unrelated to Squid’s official contracts or services. https://twitter.com/squidrouter/status/2058890710611276238 The attack has added to a growing list of DeFi security incidents reported in 2026. As previously reported by Invezz , last week, Echo Protocol suffered an exploit on Monad after attackers minted roughly $76.7 million worth of unauthorized eBTC tokens through what researchers later linked to an admin key compromise. Investigators in that case also said the blockchain itself was not breached, while weak operational controls surrounding delegated permissions and mint authority allowed the exploit to escalate. The post Here’s how attackers drained $3.2M from Safe wallets on Ethereum and Base appeared first on Invezz
- $1.7K+2.25%
- $0.99952+0.01%
25 May 2026, 14:43
$3 Million Drained In Two Hours: SquidRouterModule Exploit Exposes Hidden Risks In Third-Party Wallet Integrations
Within a span of two hours, attackers had siphoned almost $3 million from several wallets during a fast and coordinated DeFi exploit that has disrupted parts of the ecosystem. The firm Blockaid says the attack targeted a vulnerable wallet module for smart wallets called SquidRouterModule, used by users on Ethereum and Base networks. Overall, the attack hit 86 Gnosis Safe wallets. Within seconds after the attack, the attacker transferred funds from various checks to pools that the attacker controls on Uniswap V3 in exchange for DAI. The speed and reach of this exploit show how quickly attackers can go from discovery to exploitation once vulnerabilities are found in wallet infrastructure. In less than a blink, assets were drained, exchanged and routed through liquidity pools, scuttling countless users without offering them much time to react. Blockaid detected an ongoing exploit targeting the SquidRouterModule on Ethereum and Base. 86 Gnosis Safes drained for ~$3M in ~2 hours. All stolen tokens swapped to DAI via attacker-controlled Uniswap V3 pools. More details in — Blockaid (@blockaid_) May 25, 2026 Exposure Found In Third-Party Module, Not Core Protocol During the course of investigation, it was realised that the exploit did not originate from the core infrastructure of Squid Router. Rather, the flaw was in a module developed outside of Squid but linked with it. This contract was initially reported as the main contract being attacked, in which case it can be confusing when hearing about a report on Basescan with the name SquidRouterModule. Squid quickly explained that, despite the similar names, this module was a separate piece of functionality and not integrated. The team reiterated the importance of clarifying that even a minor change turning out to be unauthorized did not impact its official router contract, which remains secure: in a later statement shared via Squid’s Twitter Space However, user funds or approvals or integrations that directly tied with Squid’s core infrastructure remained secure. This distinction is crucial. However, despite the exploit involving substantial losses, it did not arise from issues in Squid’s protocol itself. Instead, it illustrated an inherent risk with third-party integrations, a growing aspect of modular DeFi architecture. This incident is unrelated to Squid’s core protocol and contracts. All Squid users and integrators are unaffected and no action is needed. A third-party Gnosis Safe module was exploited today across Base and Ethereum, resulting in approximately $3.2M in losses. The vulnerable… https://t.co/I3gGmdBvE9 — squid (@squidrouter) May 25, 2026 Vulnerable Validation Logic Allowed Attack At the heart of the exploit, however, was an egregious design issue in the validation logic of a third-party module. The contract used a constant string provided by the caller as proof to construct message authenticity. But this string was available publicly in the verified source code of the contract. Thus an attacker could provide anything that matched the expected string as a way to circumvent all security layers built into the software. After recovery, the contract allowed all calls without selective calldata to go through, and this gave the attacker total control to interact with any transaction from within the wallet. The affected users added this module to their Gnosis Safe as a trusted component, so the contract was allowed to perform fund transfers without additional signatures. The attack unfolded as follows: The attacker provided the string known to pass validation The contract accepted the request as a valid Arbitrary transactions were executed Moved funds out from their wallets This vulnerability shows how simple oversights in auth logic can lead to multi-million dollar losses. Trusted Module Permissions Made The Damage Bigger One of the most important elements that amplified the damage caused by this exploit was the extent of access assigned to the compromised module. Within the Gnosis Safe, trusted modules can make transactions without requiring user signatures. This architecture allows for flexibility and automation of complex workflows. But it comes with some substantial risks too, if a badly designed or malicious module. Here, it turns out users who had enabled the vulnerable SquidRouterModule were inadvertently sending the total control of their wallet assets to the contract. The attacker completely bypassed additional security layers, since the permissions were already in place at that point. What followed was a swift, massive outflow of funds with virtually no opposition. Market Impact and Fund Movement After the exploitation, the attacker had finally drowned all of their stolen assets in a false manner through DEX. By routing funds into DAI via Uniswap V3 pools, they were able to stabilize the value of the stolen assets and reduce exposure to volatility. The total losses are estimated to be between $3 million and $3.2 million, with about $3 million being drawn within less than 120 minutes. The operation’s efficiency demonstrates a very high level of preparedness and knowledge both of the targeted system, as well as DeFi liquidity mechanics. Despite the scale of the attack, its overall impact on the market was limited. The containment is primarily the result of the exploit being confined to certain wallets, rather in broad-based protocol or asset action. Clearing Up Misunderstandings About Squid’s Function Some news reports were linking the exploit to Squid’s core router due to its name as a vulnerable contract. But it is important to separate the third-party module from the official protocol in order for an accurate reading of the incident. It also did not refer instead to Squid’s own official router contract, which is architecturally different and has a separate identifier. Funds that could be traced back to its operations were not impacted and there was nothing wrong found in its code. This case highlights a long-standing issue in DeFi: the challenge of distinguishing between official infrastructure and third-party integrations. With increased connection between ecosystems, having overlapping names and branding can cause confusion around security incidents. Security and DeFi Integration Lessons For Wallets The SquidRouterModule exploit is a reminder that DeFi security goes beyond core protocols. In fact, ever-brightening primary systems can still be at risk if terminated screens or other connected components have foreseeable vulnerabilities. Several lessons emerge: First, users need to be careful when they enable third-party modules or integrations. Wallet level permissions have a broad impact. Secondly, there are many ways developers can put in place strong validation. The presence of publicly accessible constants or weak authentication can be utilized as a vulnerability. Thirdly, it is important to be transparent about ownership and responsibility. Having a clear distinction between official and unofficial components can eliminate confusion in case of incidents and help with panic control. This event also reinforces the most universal truth, security is only as strong as the weakest link in a composable ecosystem like DeFi. With the increasing interconnection between protocols, quality of every element, and not just the core, will become important. The exploit is quantifiable in millions in terms of immediate loss, but the longer-term implications may be less tangible; a shift in how users and developers formulate trust, permissioning and integration abstractions shapes their relationship with decentralized finance. Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services. Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news !
- $0.99972+0.01%
- $0.00018+1.91%
15 May 2026, 16:02
Could this $19M crypto theft mastermind be on the run?
Onchain activity shows that Dritan Kapllani Jr. has transferred funds into unfreezeable assets in a new wallet, a few days after ZachXBT identified him as a US-based threat actor allegedly tied to $19 million in social engineering thefts from crypto holders. ZachXBT was also the one who flagged the latest move, writing on his Telegram channel , “Earlier today the threat actor ‘Dritan Kapllani Jr’ transferred $2.59M (1.99M DAI, 259 ETH) three hops from: 0x4487db847db2fc99372a985743a26f46e0b2bba6 to: 0x67ec1d405e53ed13a19eb77a9db19186723d125d where stolen funds currently sit dormant.” Dritan’s latest actions are raising questions about whether he is preparing to go into hiding as his co-conspirators face federal charges. Similar exposures by ZachXBT have led to arrests in the past, with one of them also linked to Dritan. That one is John “Lick” Daghita , who was arrested in Saint Martin in March 2026 after allegedly stealing $46 million from US government-controlled wallets. FBI agents reportedly found Daghita with hardware wallets, USB drives, and a metal briefcase of cash after French tactical units helped apprehend him on the Caribbean island. ZachXBT traces $19 million in alleged thefts to Dritan ZachXBT’s investigation, published on X , linked Dritan’s Ethereum wallet to the theft of 185 BTC, worth roughly $13 million, on March 14. One day later, $5.3 million from the stolen funds landed in Dritan’s Exodus wallet, according to Zach’s on-chain tracing. The exposure came after Dritan joined a “band-for-band” contest on Discord on April 23, where scammers compared wallet balances on screen. During the call, he allegedly displayed $3.68 million inside an Exodus wallet, according to Cryptopolitan’s earlier reporting. By the time ZachXBT published his findings, about $1.6 million had already been withdrawn from the wallet. Beyond the 185 BTC theft, ZachXBT traced an older wallet address back to Dritan through a deleted Telegram post by Daghita. That wallet allegedly connected to more than $5.85 million across five additional social engineering thefts in 2025, with Bitcoin addresses spanning August through October of that year. Other associates, such as Trenton Richard David Johnston and Brandon Michael Tardibone , are facing federal charges over the same 185 BTC theft, with Johnston facing up to 40 years in prison and Tardibone 30 years. ZachXBT identified Dritan as a co-conspirator 1 in Johnston’s case. A familiar playbook The connection between Dritan and Daghita predates both investigations. The two engaged in their own band-for-band wallet comparison, ZachXBT said, which was part of what triggered the January 2026 probe into Daghita’s government wallet theft. In both cases, showing off stolen wealth on social media provided the onchain breadcrumbs that investigators followed. ZachXBT noted that Dritan has “tons of plot armor,” pointing out that multiple associates from groups known as ACG and 41/RM Boyz have been arrested while Dritan has avoided prosecution. Since Dritan was recently a minor, ZachXBT suggested that law enforcement may have delayed charges on that basis. With Johnston and Tardibone now facing decades in federal prison and Daghita awaiting extradition from Saint Martin, the question for investigators is whether Dritan’s apparent fund movements signal a plan to follow Daghita’s exit strategy before charges catch up. The smartest crypto minds already read our newsletter. Want in? Join them .

Nova Merged DAI (zkLink) | DAI

Coin info

Rank

Market Cap

Volume (24h)

Circulating Supply

Total Supply

Rank

Market Cap

Volume (24h)

Circulating Supply

Total Supply

Do you think the price will rise or fall?

About Nova Merged DAI (zkLink)

Price perfomance

Depth of Market

Depth +2%

Depth -2%

We recommend

News

Ethereum Slides Near $1,630 as Lubin Defends $259M DAI Vault, NFT Floors Crater 28%

Ripple News: Squid Raised $6 Million With Ripple Backing, Then Lost Half of It to a Hack Less Than 24 Hours Later

Gnosis Safe users lose $3.2M in Base and Ethereum exploit

Here’s how attackers drained $3.2M from Safe wallets on Ethereum and Base

$3 Million Drained In Two Hours: SquidRouterModule Exploit Exposes Hidden Risks In Third-Party Wallet Integrations

Could this $19M crypto theft mastermind be on the run?

Top Markets

Nova Merged DAI (zkLink) | DAI

Rank

Market Cap

Volume (24h)

Circulating Supply

Total Supply

About Nova Merged DAI (zkLink)

Ethereum Slides Near $1,630 as Lubin Defends $259M DAI Vault, NFT Floors Crater 28%

Ripple News: Squid Raised $6 Million With Ripple Backing, Then Lost Half of It to a Hack Less Than 24 Hours Later

Gnosis Safe users lose $3.2M in Base and Ethereum exploit

Here’s how attackers drained $3.2M from Safe wallets on Ethereum and Base

$3 Million Drained In Two Hours: SquidRouterModule Exploit Exposes Hidden Risks In Third-Party Wallet Integrations

Could this $19M crypto theft mastermind be on the run?