Within the early hours of Friday, the official X (formerly Twitter) account of EigenLayer, a distinguished restaking protocol, was compromised and used to advertise a fraudulent airdrop, in line with a confirmation from its developer, Eigen Labs.
The hackers exploited the account to share misleading posts a couple of fake reallocation of EIGEN tokens for Season 2 of EigenLayer’s airdrop. This malicious campaign attempted to lure users into engaging with suspicious links and submitting claims under pretenses.
The Aftermath And The Details
Following the hack, Eigen Labs immediately alerted users in regards to the breach, urging them to avoid interacting with the posts and the fraudulent links.
The developer emphasized the importance of verifying any communication and ensuring that users were engaging with the legitimate EigenLayer domain, “eigenlayer.xyz.”
The @eigenlayer handle has been compromised. Please don’t engage with any suspicious links and actively double check and confirm you’re engaging with ‘https://t.co/tg4hzOLtP5‘.
An update will likely be provided once secured.
— Eigen Labs (@eigen_labs) October 18, 2024
The fake airdrop posts on EigenLayer’s X account followed a particular pattern, starting with a message promoting a false EIGEN token reallocation for Season 2 stakeholders.
This initial post contained a malicious link to trick users into participating within the fraudulent scheme. Shortly after, the hackers posted one other message urging users to make a claim and at last shared a 3rd “final call” post to amplify the urgency.
These posts closely mimicked the legitimate announcement for EigenLayer’s actual Season 2 stakedrop, released in September, and whose claim period had already concluded.
The Bust
Scam Sniffer, a crypto anti-scam platform, quickly identified the fake promotion, which confirmed that the posts included harmful links.
🚨 EigenLayer’s X account was compromised and posted phishing tweets. pic.twitter.com/lInHpMIEIM
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 18, 2024
The platform warned users of the danger and advised them to avoid engaging with the posts. Meanwhile, the blockchain investigator, ZachXBT, has already raised an early warning on his Telegram channel.
ZachXBT informed his subscribers that EigenLayer’s X account had been compromised. He cautioned against clicking any links shared from the account through the breach.
Notably, the scam incident involving EigenLayer is just not a latest tactic. Hackers have regularly used this method to lure investors into scams.
Recently, the FBI arrested the perpetrator behind the January hack of the US SEC’s X account, which led to a false post claiming the US SEC had approved the listing of spot Bitcoin exchange-traded funds—a move the SEC had not officially announced.
Featured image created with DALL-E, Chart from TrafingView