The developer of Ethereum restaking protocol EigenLayer has confirmed that hackers hijacked its Twitter (aka X) account on Friday, shortly after suspicious posts appeared on its feed. 

A series of posts advertising a fake airdrop appeared Friday morning on EigenLayer's account. The messages urged Twitter users to click on a link to the Eigen Foundation's website, which was actually a phishing link. 

“The @EigenLayer handle has been compromised,” the protocol's developer Eigen Labs said Friday. “Please do not engage with any suspicious links and actively double check and verify you are engaging with 'eigenlayer.xyz.' An update will be provided once secured.”

The links in question appeared to be wallet drainer scams that could swipe assets from any wallet that had authorized access. The scam apparently bilked at least one unsuspecting victim out of at least $800,000 in cryptocurrencies, security analyst Scam Sniffer reported Friday.

The first of the scam posts, which appeared at around 7am ET, advertised a supposed reallocation of EIGEN tokens from EigenLayer’s Season 2 airdrop, according to blockchain security firm PeckShield Alert. A series of subsequent posts used various tactics to get users to click the same scam link. 

One post included a photo of a dog wearing a flower-adorned headpiece to entice victims to click on the link.

The claim period for Season 2 of EigenLayer’s stakeholder airdrop ended last month, however.

It is unclear if EigenLayer has regained control of its account yet. Eigen Labs did not immediately respond to Decrypt's request for comment.

Edited by Andrew Hayward

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.