According to Foresight News, in response to the security incident in which EigenLayer disclosed that an investor's email transferring tokens to a custodial address was hijacked by a malicious attacker, SlowMist Yuxian published an article on the X platform to analyze that the attacker may have planned for a long time. The attacker's address first received 1 EIGEN, and after about 26 hours, it received 1673644 EIGEN, all from 3/5 multi-signature addresses. Then, more than an hour later, various coin washing began. Gas came from ChangeNow, and the illegally obtained EIGEN was mainly exchanged for USDC/USDT, and mainly washed through platforms such as HitBTC. According to the official statement, the reason for the attacker's success was "the email was hacked." It is estimated that in the content of the email, the wallet address that should be sent to receive the expected EIGEN was replaced with the attacker's address, causing the project party to send EIGEN to the attacker's address. Even if 1 EIGEN was sent first, the attacker may have sent 1 EIGEN to the expected receiving address after receiving 1 EIGEN, causing the expected recipient to think that the entire process was correct. Of course, this is just speculation, and the specific details shall be subject to official disclosure.