The official X account of the restaking protocol, EigenLayer, has been compromised. The bad actor behind the exploit began promoting a malicious token airdrop to attract unsuspecting users. Only an hour into the attack, a victim has lost over $800,000 worth of mETH (Mantle Staked Ether) tokens to the phishing scam.
victim: 0x84b748a811bbdd520c26fed111b3f1f6ccf42e43
scammer: 0xcf59d5da8f3120adb060f2bbea5b5762febda396
https://t.co/BEtHCYf9eL pic.twitter.com/tkCPpXdOid
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 18, 2024
Hacker Uses Phishing Attack
Posing as the EigenLayer team, the hacker lured users into participating in a fake reallocation of EIGEN tokens for Season 2 of EigenLayer’s airdrop. In reality, the restaking platform announced its Season 2 stakedrop last month, and the claim period has concluded.
EigenLayer enables the restaking of crypto assets, allowing users to allocate their funds to the security of third-party networks called actively validated services (AVSs).
On-chain data from the blockchain explorer Etherscan shows that the hacker has moved a significant portion of the stolen funds to various wallets and has submitted requests to unstake the mETH tokens.
At the time of writing, the EigenLayer team had yet to reclaim access to the X account, suggesting that more victims may fall prey to the phishing scam.
More Crypto Hacks
Despite being one of the best spots for the crypto community, the social platform X has become a haven for malicious actors who exploit crypto users and drain their digital assets. The latest attack joins a lineup of security breaches that crypto-related platforms have faced on X.
Hackers commonly employ phishing attacks in the crypto market. A study earlier this month revealed that over $127 million worth of crypto was lost to phishing attacks in the third quarter of this year.
Some days ago, bad actors lured Ledger users into clicking phishing links that claimed to update their software with new features. An expert stated that the scam appeared legitimate and that unsuspecting users would likely fall prey to it.