According to various reports online, the official X account of restaking protocol EigenLayer appears to have been hacked.
An October 18 post from EigenLayer’s social media account promoted a fake airdrop campaign targeting users eligible for an earlier distribution.
False Air Release Claims
The chain’s pseudonymous researcher ZachXBT was among the first to alert users, issuing a warning via Telegram. “The EigenLayer X/Twitter account is currently compromised – do not click any links,” it warned.
Mudit Gupta, the head of information security at Polygon Labs, amplified the message at X by advising users not to click on any links. He noted that there was no new release. DeFiLlama also confirmed the incident via Telegram.
The hacked account’s first post claimed to promote a reallocation of EIGEN tokens for Season 2 of the EigenLayer airdrop and included a malicious link. This was confirmed by anti-scam crypto platform Scam Sniffer, which shared screenshots of the now-deleted tweets on X.
By clicking the link, users were directed to a phishing site that was not associated with EigenLayer’s restaking protocol or any legitimate activity.
About ten minutes later, a second message encouraged users to make a claim. A final appeal then followed. All three posts were removed shortly after they were published. In particular, in September, the official withdrawal of the season 2 bet was announced and the claim period had already closed.
The $5.7 million hack of EigenLayer
The current account compromise is the second attack the protocol has faced since early October. On October 4, the EigenLayer team announced that they were investigating “unapproved selling activity” associated with a now flagged wallet address. He had sold approximately 1.6 million EIGEN tokens, valued at about $5.7 million.
In a community update published on October 5, the protocol confirmed that the unapproved token sale incident was the result of a hack. The team revealed that a bad actor had compromised an email thread involving an investor’s token transfer to custody.
They claimed that the attacker sold the stolen tokens through a decentralized exchange platform and moved stablecoins to centralized exchanges. Meanwhile, the protocol mentioned that they had already contacted the platforms and authorities, adding that some of the funds had already been frozen.
Despite this breach, the EigenLayer team assured the community that the incident was isolated and did not affect their wider ecosystem. “There are no known vulnerabilities in the protocol or token contracts and this compromise was not related to any onchain functionality,” they added.
SPECIAL OFFER (Sponsored) Binance Free $600 (Exclusive to CryptoPotato): Use this link to register a new account and receive an exclusive welcome offer of $600 to Binance (full details).
2024 LIMITED OFFER on BYDFi Exchange – Up to $2888 Welcome Reward, Use this link to register and open a 100 USDT-M position for free!