The DeFi curator says existing deposits and smart contracts are unaffected, but asked users to avoid the platform until the front-end is restored.
Steakhouse Financial warned users on Monday to stop interacting with its website and app after identifying a phishing attack targeting both domains.
“No deposits are at risk. No contracts are affected. All Steakhouse depositors are safe,” the Zug, Switzerland-based firm said on X, adding that the threat primarily affects new users who may unknowingly interact with a compromised version of the website.
Blockchain security firm Blockaid flagged the attack as using code from Angelferno, which it described as one of the largest active wallet-drainer operations onchain. Drainers work by tricking users into signing malicious transactions that grant attackers full access to withdraw their funds.
AI crypto firm GAIB suffered a similar compromise earlier this month, with attackers deploying a copycat website also kitted with Angelferno code after gaining access to its domain through social engineering.
The incident is the latest in a string of DeFi front-end compromises. Solana-based memecoin launchpad BONKfun was hit on March 12 after attackers took over its domain and injected malicious scripts that drained user wallets. The Compound Finance website was similarly redirected to a phishing site in July 2024.
At the time of publication, Steakhouse Financial had not provided a timeline for restoring its front-end.
