EigenLayer experienced a hacking incident in early October 2024, in which approximately 1.67 million EIGEN tokens, worth around $5.7 million, were stolen from one of its investors. The hacker infiltrated an email conversation between the investor and the custodian service used to transfer the tokens. Because the destination address in that conversation had been modified, the tokens were eventually sent to the hacker's address and immediately sold through a decentralized exchange platform.

EigenLayer insists that this incident is isolated, meaning there are no vulnerabilities in its protocol or smart contracts. EigenLayer’s on-chain infrastructure remains secure. It has been working with centralized exchanges and legal authorities to recover some of the stolen funds, and some funds have been frozen.

As a mitigation measure, EigenLayer has enhanced its security protocols, especially those related to communication between investors and the platform, and continues to work with relevant parties to further investigate the incident.

The EigenLayer hack involved a technique often referred to as a man-in-the-middle (MITM) attack, which in this case occurred via email. The hackers managed to infiltrate an email conversation between an investor and a custodian service regarding the transfer of EIGEN tokens. By accessing and modifying the email messages, the hackers replaced the wallet address to which the tokens were to be transferred with a wallet address controlled by them. As a result, the investor unknowingly sent EIGEN tokens to the wrong address.

Once the tokens were received by the hackers, they immediately sold the tokens on a decentralized exchange platform and converted them into stablecoins, then moved them to a centralized exchange to try to eliminate traces of the transaction.

This is not the first time that email communications have been manipulated in the crypto space. MITM techniques or similar attacks involving wallet address swapping have occurred before on other crypto projects. For example, phishing attacks often target individual users or project teams: hackers replace wallet addresses sent via email or private messages so that funds are sent to the wrong wallet. This has happened in high-profile incidents such as hacks of several crypto exchanges or initial coin offering (ICO) platforms in the past, where official fundraising addresses were changed by hackers.

This attack underscores the importance of multi-factor verification and more secure communications to prevent manipulation of crypto wallet addresses. Some preventative measures that can be taken include using email encryption methods, verifying wallet addresses outside of the communication channel, such as email, in which they were received, and using trusted custodian services with high levels of security.
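One way to apply the out-of-channel address check described above, as an added example that is not code from EigenLayer or the custodian. It assumes Ethereum-style addresses and a hypothetical `on_file` record of payout addresses collected outside email; all names and sample values are constructed.

```python
import re
from typing import NamedTuple, Optional

# Assumption: Ethereum-style addresses (0x + 40 hex digits).
ADDRESS = re.compile(r"0x[0-9a-fA-F]{40}")


class Decision(NamedTuple):
    release: bool
    reason: str


def normalize(addr: str) -> str:
    """Return the address lowercased, or raise ValueError if malformed."""
    addr = addr.strip()
    if not ADDRESS.fullmatch(addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return addr.lower()


def check_transfer(payee: str, emailed: str, on_file: dict,
                   callback: Optional[str] = None) -> Decision:
    """Decide whether a transfer to the address quoted in an email may go out.

    on_file  -- payee -> address recorded outside email (e.g. at onboarding)
    callback -- address read back over a second channel, if a call was made
    """
    try:
        requested = normalize(emailed)
    except ValueError as exc:
        return Decision(False, str(exc))
    record = on_file.get(payee)
    # Compare the whole address: matching a few leading or trailing
    # characters by eye does not distinguish a substituted address.
    if record is not None and normalize(record) == requested:
        return Decision(True, "matches address on file")
    if callback is None:
        return Decision(False, "new or changed address: hold for callback")
    try:
        confirmed = normalize(callback)
    except ValueError as exc:
        return Decision(False, str(exc))
    if confirmed != requested:
        return Decision(False, "callback disagrees with email: escalate")
    return Decision(True, "confirmed over second channel")


# Constructed sample values, not addresses from the incident.
ON_FILE = {"investor-a": "0xAb12" + "0" * 32 + "Cd34"}
SWAPPED = "0xab12" + "f" * 32 + "cd34"  # same first and last four digits
```

The address in the email is treated as untrusted input throughout: it can only match an existing record or be held, and a hold is cleared only by a value obtained over a different channel.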
