The Ethena website suffered what appears to be a front-end exploit on Sept. 18, and Ethena Labs has cautioned users not to interact with any site or application claiming to be Ethena.
According to a social media post from Ethena Labs, the website's domain registrar account was compromised, and the site is currently deactivated until the issue is resolved.
Ethena Labs also reassured clients that the Ethena protocol was not affected by the exploit and that all customer funds were safe.
Source: Blockaid.
Security firm Blockaid likewise warned Ethena users who were connected to the site at the time of the exploit not to sign any transactions and to disconnect wallets "immediately."
MetaMask also issued a warning to Ethena users against fake MetaMask sites attempting to use the Ethena exploit to defraud users, steal seed phrases, and steal passwords. The DeFi wallet also flagged the Ethena website as a "deceptive website" to users — discouraging its use until further notice.
Magazine: Weird ‘null address’ iVest hack, millions of PCs still vulnerable to ‘Sinkclose’ malware: Crypto-Sec