Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Steakhouse Financial disclosed yesterday that it was targeted by a phone-based social engineering attack against its provider, OVH Cloud. The attacker modified the DNS A records of the main website and app subdomains to point to a malicious IP address and attempted to initiate a 5-day domain transfer. These changes have now been reverted, and the DNS records have been cleared. The team is currently working with OVH Cloud to fully resolve the issue. All vaults and smart contracts were not affected, and depositor funds remain safe. No other service accounts were compromised.Users are advised not to interact with the official website or emails until the issue is fully resolved. A detailed post-incident report will be released as soon as possible. Earlier today, Steakhouse Financial further stated that during the period when the website’s DNS records were cleared, vaults remained accessible directly via Morpho, with all functions — including deposits and withdrawals — operating normally. A confirmation will be provided once the frontend is fully restored. Attack method (per SlowMist): Social Engineering. Reported loss: -.
- chain
- —
- protocol
- Steakhouse Financial
- bug_class
- infrastructure
- date_occurred
- 2026-03-31
- loss_usd
- —
- source_id
- sm:steakhouse-financial::2026-03-31