Similar attacks affected Aerodrome Finance and Curve Finance last year. The company did not provide a date to safely restore its services.
OpenEden reported that the DNS system for the domains openeden.com and portal.openeden.com was compromised. The company warned that accessing them through web browsers may lead users to a fake site and result in asset loss if a wallet is connected. The team issued an alert and asked users not to interact with those addresses while the incident is under investigation.
The platform stated that its reserve assets remain secure and can be verified through the Chainlink Proof of Reserve system. The incident did not affect the smart contracts or the actual custody. The risk appears if a user enters the compromised portal and signs transactions within the manipulated interface.
OpenEden has operated since 2022 in Singapore as an institutional manager of tokenized real-world assets. The company issues the TBILL token, which provides exposure to U.S. Treasury bills backed by securities held in segregated accounts. The platform serves professional investors, DAO treasuries, and companies. The fund received A ratings from Moody’s and AA+ from S&P Global Ratings.
The attack relies on manipulation of the domain name system. Attackers alter records and redirect traffic to servers under their control. A user types the legitimate address, reaches an identical copy of the site, and connects a wallet. The page requests transaction signatures that appear normal but authorize token transfers to attacker addresses.
In November 2025, Aerodrome Finance had its domain taken over and a fraudulent site enabled the theft of ETH, USDC, and other assets from many users. In May 2025, Curve Finance experienced an intrusion at its domain registrar and migrated to an alternative address while recommending access through ENS.
OpenEden did not detail the method used to gain control of the DNS or identify the attacker or attackers involved. The company also did not provide a date to restore secure access to the domains
