In the early hours of Friday, the official X (formerly Twitter) account of EigenLayer, a prominent restaking protocol, was compromised and used to promote a fraudulent airdrop, according to a confirmation from its developer, Eigen Labs.
The hackers exploited the account to share misleading posts about a fake reallocation of EIGEN tokens for Season 2 of EigenLayer’s airdrop. This malicious campaign attempted to lure users into engaging with suspicious links and submitting claims under pretenses.
The Aftermath And The Details
Following the hack, Eigen Labs immediately alerted users about the breach, urging them to avoid interacting with the posts and the fraudulent links.
The developer emphasized the importance of verifying any communication and ensuring that users were engaging with the legitimate EigenLayer domain, “eigenlayer.xyz.”
The @eigenlayer handle has been compromised. Please do not engage with any suspicious links and actively double check and verify you are engaging with ‘https://t.co/tg4hzOLtP5‘.
An update will be provided once secured.
— Eigen Labs (@eigen_labs) October 18, 2024
The fake airdrop posts on EigenLayer’s X account followed a specific pattern, beginning with a message promoting a false EIGEN token reallocation for Season 2 stakeholders.
This initial post contained a malicious link to trick users into participating in the fraudulent scheme. Shortly after, the hackers posted another message urging users to make a claim and finally shared a third “final call” post to amplify the urgency.
These posts closely mimicked the legitimate announcement for EigenLayer’s actual Season 2 stakedrop, released in September, and whose claim period had already concluded.
The Bust
Scam Sniffer, a crypto anti-scam platform, quickly identified the fake promotion, which confirmed that the posts included harmful links.
🚨 EigenLayer’s X account was compromised and posted phishing tweets. pic.twitter.com/lInHpMIEIM
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 18, 2024
The platform warned users of the risk and advised them to avoid engaging with the posts. Meanwhile, the blockchain investigator, ZachXBT, has already raised an early warning on his Telegram channel.
ZachXBT informed his subscribers that EigenLayer’s X account had been compromised. He cautioned against clicking any links shared from the account during the breach.
Notably, the scam incident involving EigenLayer is not a new tactic. Hackers have frequently used this method to lure investors into scams.
Recently, the FBI arrested the perpetrator behind the January hack of the US SEC’s X account, which led to a false post claiming the US SEC had approved the listing of spot Bitcoin exchange-traded funds—a move the SEC had not officially announced.
Featured image created with DALL-E, Chart from TrafingView