- OpenEden and Curvance were targeted in front-end attacks on February 16, 2026, putting user funds at risk.
- Both incidents involved the AngelFerno wallet drainer, a ‘scam-as-a-service’ tool that facilitates fund theft.
- No funds were reported stolen from Curvance, which stated preventative measures stopped losses, and smart contracts remain safe.
- A similar attack successfully targeted Maple Finance the previous week, but the team has since restored the application.
- These attacks rely on compromising a DeFi project’s website to inject malicious code that tricks users into approving harmful transactions.
Crypto users are under fire once more as a spate of front-end attacks has hit the DeFi sector this month. On February 16, 2026, platforms OpenEden and Curvance were compromised, following an earlier incident affecting Maple Finance.
Blockchain security firm Blockaid reported the attack on OpenEden, linking it to the AngelFerno drainer. Consequently, OpenEden warned users to avoid its websites immediately.
Meanwhile, an Ethereum Security Alliance member flagged a domain compromise for Curvance. Curvance reassured the community that “preventative measures were taken before any loss of funds occurred.”
The attacks employ crypto wallet drainers like AngelFerno. These ‘scam-as-a-service’ tools automatically split stolen funds between the scammer and the script developer.
Project teams consistently note that underlying smart contracts and assets remain secure. Maple Finance confirmed this after its front-end was restored last week, stating that “smart contracts and funds have remained safe and unaffected.”
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
