Eigenoops
Welcome to the world of VC, also known as vulture capital.
Eigenlayer, the poster child of Ethereum's restaking revolution, just got a $6 million lesson in email security 101.
In a plot twist worthy of a B-grade hacker flick, their sophisticated token distribution strategy amounted to "send us an email with your ETH address."
Unsurprisingly, a digital Danny Ocean waltzed right in, changed an address and walked away with a cool 1.67 million EIGEN tokens.
As the team scrambled to explain how they got phished harder than your grandma on AOL, we're left wondering: is this the crack team we're trusting with almost $11 billion in TVL?
In this week’s game of "Whoops, Where'd the Tokens Go?", are we watching a masterclass in social engineering, or did someone's fingers get a little too sticky in the EIGEN cookie jar?
Credit: DefiLlama, Eigenlayer, Arkham Intelligence, Lookonchain
As the crypto world was winding down for another weekend, Eigenlayer decided to spice things up with a Friday afternoon special.
Who needs happy hour when you can have a multimillion-dollar "oopsie," right?
Our thriller kicks off with a casual tweet from Eigenlayer that screams "nothing to see here, folks".
"We are investigating unapproved selling activity associated with this wallet:” 0xa7a1c66168cc0b5fc78721157f513c89697df10d
Unapproved selling activity? More like "Oops, we just handed over $6 million to someone with a convincing email signature."
But wait, it gets better.
The genius token distribution method?
All you had to do was shoot an email to the team with an ETH address.
They even did a test transaction: 0xc997f69dc4d22cec10e236433822c194765ed56f911890552e733268c3f2cbbb
Because nothing says "ironclad security" like a multimillion-dollar game of "Trust Me, Bro."
A few hours and several panic attacks later, Eigenlayer drops this bombshell:
"In an isolated incident this morning, an email thread involving one investor's transfer of tokens into custody was compromised by a malicious attacker."
Isolated incident? Sure, and the Titanic had a minor scrape with some ice.
1,673,645 EIGEN tokens – poof! Gone faster than you can say "Is this a gift or a grift?"
Hold onto your hardware wallets, folks, because this plot just thickened faster than a badly coded smart contract.
The tokens were sent from this EigenLayer's multi-signature Gnosis Safe which is tagged by Arkham Intel: 0x87787389BB2Eb2EC8Fe4aA6a2e33D671d925A60f
According to the blockchain bloodhounds at Lookonchain, these tokens took a little field trip from an EigenLayer team wallet before being unceremoniously dumped via MetaMask.
Now, let's talk about those pesky lockups.
EigenLayer's supposed to have their employees and early investors on a tight leash - no selling or staking until September 2025.
After that? A measly 4% unlock per month.
Full freedom? Not until September 2027.
Hope you packed your lunch for that long HODL, team!
But apparently, someone didn't get the memo.
Or maybe they just couldn't resist the siren call of sweet, sweet liquidity.
Either way, this sale is more taboo than a vegan at a barbecue contest.
Remember, kids: EIGEN tokens only started their airdrop journey on May 10, 2024.
That's a solid year of "look, don't touch" still on the clock.
But at $3.59 a pop, someone clearly thought it was time to cash in their chips.
Now the EigenLayer team is left scratching their heads, probably wondering if they should've stuck to piggy banks and PIN numbers.
But fear not, dear believers! Eigenlayer assures us this hasn't "impacted the broader ecosystem."
No known vulnerabilities in the protocol or token contracts. Just in their email security, apparently.
The cherry on top? They're "in contact with these platforms and law enforcement."
Because nothing says "decentralized finance" quite like running to the cops when your digital piggy bank gets smashed.
So, here we are. An almost $11 billion TVL protocol, outsmarted by what might be a teenager with a phishing toolkit.
Or was it?
In the murky waters of DeFi, where transparency is supposedly king, why does this whole affair smell fishier than a seaside market at closing time?
So, here we are, watching another VC darling fumble the ball harder than a buttered-up quarterback.
EigenLayer, touted as the next big thing in Ethereum's evolution, just proved it's as vulnerable to basic email scams as your average retiree.
But let's cut through the smoke and mirrors.
Are we really surprised?
These VC-backed projects are starting to look less like industry revolutionaries and more like personal piggy banks with a blockchain paint job.
It's almost as if the 'innovation' is just finding new ways to part investors from their money.
While the cryptosphere buzzes with talks of decentralization and democratizing finance, incidents like this make you wonder.
Are we just watching the same old Wall Street circus, now with fancier jargon and cooler logos?
REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.
donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C
disclaimer:
REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.
you might also like...
Click and Beware
Trusted crypto accounts turned digital minefields. One click could cost you everything. Dive into 'Click and Beware' - where your favorite influencer might be your worst enemy. Plus, arm yourself with our rekt-approved survival guide. Don't get rekt, get ready.
Whale Hunter's Payday
When phishing for whales, sometimes you land a big one. A crypto whale found themselves $55.47 million lighter after falling victim to a sophisticated phishing attack targeting their Maker vault.
Crypto's Achilles' Heel
In the realm of crypto, where digital fortresses guard virtual fortunes, the most dangerous threat isn't always a line of faulty code, it's the person behind the keyboard.