EigenLayer mistakenly transferred $5.5 million worth of EIGEN tokens to an attacker due to a single email thread about an investor’s token transfer was hacked by an attacker

EigenLayer, an Ethereum restaking protocol, mistakenly transferred $5.5 million worth of EIGEN tokens to an attacker. This unauthorized transfer was due to a compromised email thread, not a vulnerability in the protocol itself. EigenLayer has since engaged law enforcement and is working with centralized exchanges to recover the stolen funds.

EigenLayer on X: "Community Update: In an isolated incident this morning, an email thread involving one investor’s transfer of tokens into custody was compromised by a malicious attacker. As a result, 1,673,645 EIGEN tokens were erroneously transferred to the attacker’s address. 

Recently there has been a security incident involving EigenLayer, a restaking protocol built on Ethereum. The incident in question revolved around an unauthorized transfer of EIGEN tokens, valued at about $5.5 million. This event has raised concerns over the security measures in place and the potential vulnerabilities that could be exploited by malicious actors within the crypto space.

There was a suspicious sale of $5.5 million worth of EigenLayer's tokens happened on Friday.

EigenLayer has addressed Friday's suspicious sale of $5.5 worth of EIGEN tokens, stating that the protocol "erroneously transferred" the tokens to an attacker rather than the intended recipient. EigenLayer stated that a single email thread about an investor’s token transfer was hacked by an attacker.

The sequence of events unfolded when a wallet, previously identified as an investor allocation and supposedly under lock and vesting terms, liquidated a substantial amount of EIGEN tokens. The tokens were sold, converted into stablecoins, and then moved across exchanges in an attempt to obscure the transaction trail.

Because of this 1,673,645 EIGEN tokens were mistakenly sent to the attacker. The attacker sold these stolen tokens on a decentralized platform and moved the money to centralized exchanges. EigenLayer is working with these platforms and law enforcement, and some of the stolen funds have already been frozen.

This incident did not affect the larger ecosystem. There is no weakness in the protocol or token contracts, and it was not related to anything happening on the blockchain.

EigenLayer's response to the situation was prompt, assuring the community that the platform's security had not been compromised. The breach was attributed to a compromised email thread, which led to the erroneous transfer of tokens to an attacker's address. The platform has since been working closely with exchanges and law enforcement to recover the stolen funds, with some success in freezing a portion of the assets.