According to on-chain data, the malicious actor responsible for the security breach of EigenLayer has stolen a significant amount from users on the platform. As of the latest update, a user on EigenLayer has incurred losses that exceed $800,000 in mETH (Mantle Staked Ether) tokens as a result of the phishing scam.
EigenLayer Faces Major Security Breach
In an unfortunate turn of events, EigenLayer, a leading decentralized finance (DeFi) restaking protocol on Ethereum, reported a security breach on its official X account earlier today.
The @eigenlayer handle has been compromised. Please do not engage with any suspicious links and actively double check and verify you are engaging with ‘https://t.co/tg4hzOLtP5‘.
An update will be provided once secured.
— Eigen Labs (@eigen_labs) October 18, 2024
A malicious actor exploited the platform’s account to promote a fraudulent token airdrop, deceiving unsuspecting users.
The scammer made a false airdrop campaign about reallocating EIGEN tokens for Season 2 of EigenLayer’s airdrop. Meanwhile, the platform had already announced its Season 2 stakedrop in September, and the claim duration has since concluded.
The phishing post redirected users to a spoofed website, ‘blog.eigenfoundation.org’, instead of the authentic ‘blog.eigenlayer.xyz’ link provided by EigenLayer for the Season 2 stakedrop.
An analysis of on-chain data from the blockchain explorer Etherscan reveals that the hacker has successfully transferred a substantial portion of the stolen funds to multiple wallets.
Furthermore, the hacker initiated requests to unstake mETH tokens, potentially to launder the ill-gotten funds.
The platform’s significant presence in the DeFi ecosystem, as the second-largest protocol on Ethereum with a substantial total value locked (TVL) of $11.1 billion, makes it an attractive target for malicious actors seeking to exploit user trust.
Earlier this month, EigenLayer announced that it launched an investigation into suspicious activity from a wallet ending in “f10D,” which sold 1.6 million EIGEN tokens worth $5.7 million.
Further investigation revealed that a malicious attacker compromised an email thread related to an investor’s token transfer, resulting in the theft.
Although the hack involved the platform’s token, the EigenLayer team emphasized that the security incident was isolated and did not disrupt its ecosystem or on-chain services.
The crypto industry continues to grapple with recurring security breaches, with frequent incidents leading to massive financial losses. Last month, the market suffered more than 20 hack incidents, culminating in financial losses exceeding $120 million.
