Will Gnosis selling GNO tokens to fund reimbursements create sell pressure?

If Gnosis funds the ~$3.2M compensation via on-chain GNO sales, that represents direct sell pressure; stablecoin-funded reimbursements avoid this. Monitor Gnosis treasury wallet addresses on-chain for early disbursement signals.

Is this exploit a risk to ETH or broader DeFi liquidity?

At $3.2M, the direct impact on Ethereum or DeFi liquidity is minimal — DAI's market cap dwarfs the stolen amount. The risk is reputational and regulatory: repeated Safe module exploits increase scrutiny on modular wallet architectures across the ecosystem.

What distinguishes this from a Gnosis Safe core contract exploit?

The attack targeted a whitelisted third-party module (SquidRouterModule), not the Safe's core multisig logic — meaning Gnosis Safe's base security model remains intact. However, the whitelisting mechanism itself is now under scrutiny as a systemic attack vector.

What should I watch next to assess whether GPS recovers or continues lower?

Watch three signals: (1) Gnosis's official post-mortem categorization of the exploit, (2) on-chain reimbursement asset flows from the Gnosis treasury, and (3) whether GPS holds the $0.0074 support level on daily close.

Quick Links

Gnosis Pay Exploit: $3.2M Drained via SquidRouterModule — Leverage Traders Watch GNO Volatility

Published: 2026-06-01 10:40:15 UTC

Tags:DeFi Structural Reset Self-Custody & Cross-Chain Infrastructure Wave

View GPS Page

Data Snapshot

Price

$0.0076

24h Low

$0.0074

24h High

$0.0077

GPS Price

$0.0076

24h Change

+2.62%

Exploit Size

~$3.2M (86 Gnosis Safes)

24h Change (%)

+2.62%

Chains Affected

Ethereum Mainnet, Base

Key Takeaways

•~$3.2M was stolen from 86 Gnosis Safes via the SquidRouterModule on Ethereum and Base, with funds converted to DAI through attacker-controlled Uniswap v3 pools.
•Leverage traders holding GPS perpetuals face liquidation risk on sub-0.2% moves at 500x; monitor $0.0074 as near-term support with exploit volatility capable of 10–20% swings.
•Gnosis co-founder's pledge to cover all losses overrides contractual disclaimers — the reimbursement asset choice (GNO vs. stablecoins) is the key on-chain signal to watch for directional conviction.
•Cross-market impact is limited: ETH and BTC face minimal contagion, but the DeFi Structural Reset theme gains momentum — security-oriented protocols may benefit from renewed attention.
•The $3.2M scale is likely absorbable from Gnosis treasury, reducing existential risk to GNO but not eliminating short-term headline-driven volatility for leveraged positions.

The chart illustrates the recent performance of GoPlus Security (GPS) in the cryptocurrency market. Over the last 24 hours, GPS opened at $0.007438 and closed at $0.007642, marking a price increase of 2.74%. The highest price reached during this period was $0.007693, while the lowest was $0.006756. In contrast, related assets showed varied performance: USDC decreased by 0.02%, COIN fell by 1.09%, and Bitcoin (BTC) experienced a decline of 1.55%. This data indicates that GPS has outperformed its related assets, making it a notable leader in this timeframe, especially in light of the recent exploit involving Gnosis Pay, which drained $3.2 million via SquidRouterModule, causing volatility in the market. — GoPlus Security (GPS) shows a 2.74% increase amid broader market declines.

According to on-chain security firm Blockaid, approximately $3.2 million was drained from 86 Gnosis Safes on May 25, 2026, across Ethereum mainnet and Base. The attacker exploited a whitelisted smart

Event Summary

According to on-chain security firm Blockaid, approximately $3.2 million was drained from 86 Gnosis Safes on May 25, 2026, across Ethereum mainnet and Base. The attacker exploited a whitelisted smart contract called `SquidRouterModule` — once victims had approved this module, the attacker could execute arbitrary withdrawals regardless of token type. Stolen funds were routed through attacker-controlled Uniswap v3 liquidity pools and converted primarily into ~$3M DAI.

Gnosis co-founder Stefan George subsequently stated publicly that "Gnosis will cover all user losses" — a notable deviation from Gnosis Pay's Terms of Service, which explicitly disclaims liability for user losses. This positions Gnosis as a de facto insurer of last resort for the incident, raising both trust and treasury questions for GNO holders.

Leverage Impact Analysis

GPS is currently trading at $0.0076 (24h range: $0.0074–$0.0077, +2.62% on the day per live data), suggesting the market has not yet priced in severe contagion — but headline-driven volatility can spike rapidly on exploit news.

For leveraged traders on CoinUnited.io's crypto perpetuals (up to 2000x leverage), position sizing discipline is critical here:

-High-leverage long scenario: A trader with 500x long GPS at $0.0076 controls a notional position with only a ~0.2% adverse move before liquidation. Given exploit-driven sentiment swings can exceed 10–20%, margin buffers must be sized accordingly.
-Short opportunity context: Traders expressing bearish conviction on ecosystem trust damage should watch for a breakdown below the 24h low of $0.0074 as a momentum confirmation signal; a sustained close below this level may invite further selling.
-Funding rate watch: Monitor funding rates on CoinUnited.io — exploit events typically trigger elevated short-side demand, which can push funding negative and create carry costs for leveraged shorts.

The $3.2M loss is modest relative to major DeFi hacks, and the co-founder's compensation pledge may limit downside persistence. However, any on-chain evidence of GNO treasury liquidation to fund reimbursements would represent an incremental bearish catalyst for leveraged longs.

Cross-Market Impact

This is primarily a crypto-native event with limited macro spillover, but several cross-asset ripples are worth tracking:

-Ethereum (ETH): The exploit occurred on ETH mainnet and Base. Residual DAI/Uniswap v3 pool imbalances may create minor MEV and LP volatility on ETH-denominated pairs, though impact is contained relative to ETH's overall liquidity depth. For broader ETH trading context, see our Ethereum Trading Guide.
-Coinbase (COIN): As a publicly listed crypto infrastructure company, COIN stock is indirectly sensitive to DeFi security headlines that could stoke regulatory scrutiny — though the $3.2M scale is unlikely to move COIN materially.
-DeFi security narrative: This event reinforces the DeFi Structural Reset theme. Security-focused protocols (on-chain monitoring, insurance, formal verification tooling) may see relative inflows. The broader self-custody and cross-chain infrastructure sector faces renewed scrutiny around module whitelisting risks.
-Bitcoin (BTC): No direct impact. BTC typically absorbs risk-off rotation during DeFi-specific exploits rather than selling off in sympathy.

Trading Considerations

Key levels to monitor: GPS $0.0074 (24h low / near-term support) and $0.0077 (24h high / resistance). A confirmed break below $0.0074 on elevated volume could signal institutional de-risking. Watch Gnosis's official post-mortem — whether the exploit is classified as a Safe *core* issue versus an isolated third-party module misuse will be the primary narrative driver.

The reimbursement asset choice matters: stablecoin-funded compensation is GNO-neutral to slightly positive; GNO token sales to fund reimbursements create direct sell pressure. Monitor on-chain treasury wallet flows for early signals.

Trade GoPlus Security on CoinUnited.io

Trade GPS with up to 2000xx leverage → | Create Free Account

Frequently Asked Questions

At 500x leverage on GPS ($0.0076), a move of just ~0.2% triggers liquidation — exploit-driven volatility can easily exceed that range. Traders should reduce position size or widen margin buffers significantly until the post-mortem clarifies whether the Safe core contract is compromised.