Protocol-impersonator domain registered (typosquat)
EigenLayer's assessment for RD-F-161 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
EigenLayer is a high-recognition $8.89B TVL protocol — a prime typosquat target. The documented brand migration from eigenlayer.xyz to eigencloud.xyz creates new impersonation surface (e.g., eigencloud-xyz.com, eigen-cloud.xyz). EigenLayer's X account was hacked (Unchained Crypto report), confirming active brand-impersonation threat. The October 2024 investor compromise used email thread spoofing — a sophisticated impersonation technique. No specific typosquat domain incident identified via OSINT as of 2026-04-28 (WHOIS monitoring feed required for definitive 90-day window check). Score yellow: high-value brand + confirmed X account compromise + domain migration creating new attack surface.
Sources #
- URLExplained: The EigenLayer Investor Hack October 2024 — HalbornHalborn: October 2024 EigenLayer investor hack used email impersonation (spoofed investor + custodian emails) — attacker received test transaction before executing $5.7M theftretrieved 2026-04-28
- EigenCloud Blog — EigenLayer tag (domain migration evidence)EigenCloud blog migration: docs formerly at docs.eigenlayer.xyz now redirect to docs.eigencloud.xyz — new domain surface requiring monitoring baseline resetretrieved 2026-04-28
- EigenLayer's X Account Hacked in Latest Social Media Crypto Takeover — Unchained CryptoUnchained Crypto: EigenLayer X account hacked — confirms active brand-impersonation targeting of EigenLayer channelsretrieved 2026-04-28
Methodology #
Determine whether a typosquat of the official protocol domain has been registered in the last 90 days.
See the full factor methodology and distribution across all protocols →