Gate News message: DeFi risk management platform Steakhouse Financial recently suffered a hacker attack, and its website and applications were used to carry out phishing scams. The company said the incident only affected the front-end systems, and that all deposits and contracts were unaffected, so users’ funds are safe. Co-founder Sébastien Derivaux reminded users to avoid visiting the Steakhouse website until further notice.
According to Steakhouse’s disclosure, the attack originated from social-engineering tactics aimed at its server provider, OVH Cloud. The attackers obtained sensitive information over the phone, tampered with the website and application IP addresses, and attempted to carry out a five-day deadline domain transfer. The company has revoked the malicious changes and pointed the domain to blank records until it confirms the systems are secure. Steakhouse said it will publish a complete incident analysis report as soon as possible.
Blockaid, a crypto security company, noted that the attackers used the Angelferno (also known as Angel Drainer) program, which is an on-chain active wallet-draining tool that can fully control a user’s crypto assets and withdraw funds after the user signs a malicious transaction. Blockaid previously helped AI crypto company GAIB discover a similar attack; the malicious sites were removed within about 7 hours, and there was no apparent loss.
At present, several crypto companies are offering alternative services and security safeguards to customers who have funds held with Steakhouse. Steakhouse emphasized that it is working to fully restore the front-end systems and is in communication with OVH to ensure that similar incidents will not happen in the future.
This incident once again reminds crypto users that improving security awareness is crucial—especially when interacting with DeFi platforms and digital asset services. Users should carefully verify the authenticity of websites and applications to prevent the risk of on-chain funds being stolen. Experts advise users to regularly update their security measures and to be vigilant against attacks carried out through social engineering or phishing links.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Tether Freezes 3.29M USDT in Rhea Finance Hacker Address
Tether CEO Paolo Ardoino announced the freezing of 3.29 million USDT connected to a hacker linked to Rhea Finance's $7.6 million theft due to a fake token contract attack.
GateNews10m ago
Circle Faces Class Action Lawsuit Over $230M Unblocked USDC in Drift Protocol Attack
Circle faces a class action lawsuit for failing to freeze $230 million in stolen USDC after the Drift Protocol attack. Plaintiffs argue that Circle's protocols allowed attackers to move and convert the stolen funds without intervention, raising concerns about the company's responsibilities in monitoring cross-chain transfers.
GateNews11m ago
$7.6 million stolen from Rhea Finance: DeFi fake token attack manipulates the oracle
A DeFi protocol, Rhea Finance, suffered a major security vulnerability on April 16, resulting in losses of approximately $7.6 million. The attacker manipulated the oracle by creating a fraudulent token contract, causing the protocol to incorrectly assess the value of assets. This loss represents about 6% of Rhea Finance’s total value locked, demonstrating the risk of oracle manipulation attacks in the DeFi space. Users should carefully evaluate the risk of their assets.
MarketWhisper14m ago
Grinex hacked: $15 million paused from trading, pointing to an “enemy state”
Grinex, a Kyrgyz crypto exchange, paused trading and withdrawals after a large-scale cyberattack and lost about $15 million in USDT. The stolen funds were quickly converted into TRX and ETH to reduce the risk of being frozen. Grinex is believed to be the successor to the sanctioned exchange Garantex, becoming a major trading platform for ruble-to-crypto transactions. In its attack statement, Grinex pointed the incident to an “enemy state,” but it lacked concrete evidence.
MarketWhisper41m ago
Kyrgyzstan-based CEX Halts Trading After $15M USDT Cyberattack and Wallet Breach
A Kyrgyzstan-based cryptocurrency exchange suspended trading after hackers stole over $15 million USDT. The attackers moved funds across blockchains to evade detection. The incident highlights risks in centralized exchanges, especially in less regulated areas.
GateNews1h ago
Zonda CEO Reveals 4,503 BTC Cold Wallet Inaccessible as Founder Remains Missing Since 2022
Zonda, a Polish cryptocurrency exchange, faces a crisis as its cold wallet containing 4,503 Bitcoin is inaccessible, prompting a surge in withdrawal requests. CEO Kral claims the private key was never transferred during the company's takeover, and authorities are investigating the situation amid bankruptcy fears.
GateNews4h ago
