EigenLayer has concluded its investigation into a recent security breach that led to the theft of nearly $6 million in EIGEN tokens.
The Ethereum staking protocol confirmed that its internal systems, smart contracts, and website infrastructure were not compromised, emphasizing that the incident was an isolated external attack. According to EigenLayer, the unauthorized liquidation impacted only one individual wallet, and the platform’s on-chain functions remained unaffected.
Security review and new measures implemented
Following the incident, EigenLayer thoroughly reviewed its token transfer and approval processes to identify potential vulnerabilities. The investigation aimed to bolster security around token transactions and prevent similar breaches in the future. In response to the findings, EigenLayer announced the implementation of new security protocols to protect users. The platform assured investors that additional precautions would be taken to secure funds whenever tokens are transferred to custodial services.
External attack and phishing incident
Security firm SlowMist, contracted by EigenLayer for a deeper investigation, concluded that the breach resulted from an external phishing attack targeting an investor associated with Eigen Labs. According to SlowMist, the attacker accessed an employee’s email through phishing, compromising an email thread between Eigen Labs, the investor, and a custodian. By impersonating the investor and the custodian through spoofed emails, the attacker could substitute their wallet address, allowing unauthorized transactions to be executed.
The attacker confirmed a small test transaction, posing as the custodian to establish trust, before completing the full transfer of 1,673,645 EIGEN tokens without additional verifications. The stolen tokens were then swapped for stablecoins through a decentralized exchange and partially transferred to centralized platforms.
Recovery efforts and impact on token price
EigenLayer collaborated with blockchain investigators, including ZachXBT, zeroShadow, and Cryptoforensic, to track the stolen funds. With the help of law enforcement, a portion of the assets was successfully frozen, and further recovery efforts are underway. The incident has impacted the price of EigenLayer’s native token, EIGEN, which has dropped by over 17% in the past week.
As of the latest data, EIGEN is trading at $2.85, marking a 38% decline from its peak of $4.53 at the beginning of October. EigenLayer’s response demonstrates a commitment to improving security and addressing vulnerabilities to protect its users’ assets. However, the broader impact of this incident remains a concern for the platform’s investors and stakeholders.