Steadefi lost about $1.14 million after the protocol’s deployer address was compromised, giving the attacker control over vault contracts on Arbitrum and Avalanche. The attacker transferred ownership to their own address and used owner-only functions to allow wallets to borrow available funds from lending vaults, draining funds available for borrowing while depositor vault funds were described as protected. Steadefi’s total value locked fell from more than $2 million to about $550,000, and some remaining assets were locked after the exploiter paused farm contracts. The stolen funds were swapped into roughly 625 ETH, bridged to Ethereum, and forwarded to another address, with the excerpt listing the attacker address as 0x9cf71F2ff126B9743319B60d2D873F0E508810dc. The body speculates about phishing or an inside job but does not provide evidence tying the incident to a specific actor.