ARTICLE AD BOX
Key Takeaways
- The team clarified the breach was isolated and not related to any system flaws.
- EigenLayer confirmed that the unauthorized sale of $EIGEN token was the result of the hack.
On October 4, 2024, EigenLayer, an Ethereum restaking protocol, announced that a hacker had stolen $5.87 million worth of its native $EIGEN tokens. The attack occurred after a hacker compromised an investor’s email, allowing access to 1.67 million $EIGEN tokens.
In a statement, EigenLayer reassured users that while the hack was significant, it did not stem from any vulnerability within its core platform. “Our protocol and on-chain infrastructure remain secure,” the team emphasized, clarifying that the breach was isolated and not related to any system flaws.
The first signs of trouble appeared when the EigenLayer team began investigating an unauthorized sale from a wallet address ending in “f10D.” On October 4, they reported that approximately 1.6 million $EIGEN tokens, worth around $5.7 million, had been sold without approval. Following this, the blockchain tracking platform Etherscan flagged the wallet address as part of an ongoing investigation.
Two days later, on October 5, EigenLayer confirmed that the unauthorized sale was the result of a hack. The attacker had infiltrated an email conversation between the investor and the custodial service responsible for the token transfer, tricking the investor into sending their tokens to the hacker’s wallet. The hacker quickly swapped the stolen tokens for stablecoins like USDC and transferred them to centralized exchanges, including HitBTC and Kraken.
Despite the breach, EigenLayer assured its users that steps were being taken to recover the funds. “We are in contact with these platforms and law enforcement. A portion of the stolen funds has already been frozen,” the team stated, underlining their efforts to mitigate the impact.
The $EIGEN token had only recently unlocked on October 1, 2024, debuting at $3.85 on Binance with a fully diluted valuation (FDV) of $6.5 billion. However, by October 5, after the attack and the market’s response, $EIGEN was trading at $3.38, lowering its FDV to $5.6 billion and placing it 99th in global market capitalization rankings.
The hack prompted concerns about internal oversight, especially after blockchain analytics firm Lookonchain discovered that the hacked wallet had been funded by EigenLayer’s multi-signature Gnosis Safe. Additionally, questions arose regarding the protocol’s token lockup policy, which restricts early investors and employees from selling or staking their tokens until September 2025.
EigenLayer is one of many DeFi protocols that have faced large-scale attacks, with recent hacks affecting platforms like Euler Finance, which lost $196 million, and Hundred Finance, which saw $7.4 million stolen.
In a report released last month, the FBI’s Internet Crime Complaint Center noted that crypto fraud accounted for $5.6 billion in losses in 2023, with nearly 69,000 public complaints filed, up from 48,000 complaints in 2022.