On October 9th, the re-staking protocol Symbiotic released an update on the X account theft incident. "At about 06:00 on October 5th, its X account was compromised by an unknown threat actor. The attacker began posting phishing page links designed to imitate the Symbiotic website. Within 15 minutes of becoming aware of the attack, we helped with the investigation and control through Security Alliance, independent security consultants, and X Support. According to the investigation, the incident did not affect the website or the core smart contract, and all these funds were safe. We are investigating our Google Workspace logs, possible reset processes, MFA settings, and company devices, and have not found any evidence that our systems were compromised or employee credentials were compromised. " The investigation also revealed that the attackers purchased a domain name on September 19, 2024, which was designed to look identical to the one used by Symbiotic's X account. In addition, the attackers also created a Google Workspace account designed to mimic emails that have corporate X accounts. While Symbiotic has regained access to the X account, it is continuing to investigate the incident. At this time, we have not ruled out any potential avenues of recourse and are exploring all options to hold the attackers accountable.