The EigenLayer team is still dealing with fallout from "unapproved selling activity" linked to a wallet that unloaded 1,673,645 EIGEN tokens, worth about $5.5 million, late last week.
"In an isolated incident this morning, an email thread involving one investor’s transfer of tokens into custody was compromised by a malicious attacker," the EigenLayer (EIGEN) team announced in an Oct. 4 tweet. The team says it was misled via email into transferring the tokens to the attacker's wallet after sending a test transaction of 1 EIGEN the day before.
The EigenLayer team did not immediately respond to a request for comment from Decrypt.
"The attacker sold these stolen EIGEN tokens via a decentralized swap platform and transferred stablecoins to centralized exchanges," the team explained.
Blockchain data shows that the wallet executed the sale using MetaMask's “Swap” feature. While the tokens were worth about $5.5 million at the time, the attacker appears to have made less than $3.1 million in USD Coin (USDC) from its sales.
The team behind Ethereum staking protocol EigenLayer said it is collaborating with law enforcement and that a portion of the stolen funds has already been frozen. The team assured the community that the incident would not affect the broader ecosystem and clarified that it was not due to any vulnerability in the protocol or token contracts.
However, some members of the crypto community expressed skepticism about the team's explanation and questioned why tokens were sent directly to investors without a vesting contract—especially since they were supposed to be under a lockup period.
"We trust Web3 to eliminate human error with smart contracts, but many projects still rely on manual handling of token vesting. We need to stop this ASAP," commented Andreas Pensold, CEO of decentralized physical infrastructure networks (DePin) firm Pindora.
The EigenLayer incident is a prime example of social engineering. The team sent the tokens to an impersonator who claimed to be an investor. They even sent a test transaction to the scammer from their multisig first. 🫠
We trust Web3 to eliminate human error with smart… https://t.co/MrytWc21Xa
— Andreas Pensold (@AndreasPensold) October 5, 2024
“The EigenLayer incident is a prime example of social engineering,” he said.
Ido Ben Natan, CEO at crypto cybersecurity firm Blockaid, told Decrypt that the “attack underscores, yet again, the critical need to validate every single on-chain interaction.” He highlighted the importance of procedures, since “time and again, we see attackers exploiting not technical flaws, but rather gaps in what should be routine verification steps by now.”
“A simple address validation could have caught the discrepancy early and prevented the attack,” he said. Artem Irgebaev, smart contract triager at crypto cybersecurity firm Immunefi, highlighted in a message sent to Decrypt that “anti-phishing training and rules prove to be the best way to minimize the effect of phishing attacks.”
The price of EIGEN fell to a low of $3.08 over the weekend but has rebounded over the last 24 hours, trading at $3.33 as of press time. The news follows late-September reports that EigenLayer was set to be unlocked for trading on Sept. 30, nearly five months after its tokens were airdropped to users.
Edited by Stacy Elliott.