Galxe protocol experiences DNS attack, losses top $150,000 so far and still growing

399
SHARES
2.3k
VIEWS



The website of Web3 community platform Galxe was offline for about an hour on Oct. 6. Galxe reported on X (Twitter) that its website was down at 14:44 UTC and 40 minutes later posted an update confirming that it had experienced a security breach affecting the company’s Domain Name System (DNS) record. It warned against visiting its domain until the situation is remedied. 

Galxe has not confirmed that its website is safe to use again at the time of writing. After the website was restored, some X posters were reporting that it was blocked by Google.

One Web3 cybersecurity service explained:

“Their DNS records have been modified to redirect to a phishing web-site that drains users wallets.”

Crypto detective ZachXBT has reported that funds are being stolen from Galxe. The wallet linked to the exploit by ZachXBT continued to gather funds after the Galxe website came back online, and hovered around $160,000 at 17:15 UTC.

ZachXBT suggested a link between the Galxe exploiter and the party that attacked the Balancer protocol on Sept. 19. That was the second attack on Balancer in the span of a month.

The second attack on Balancer led to losses of $238,000. The Balancer team called the incident a social engineering attack on its DNS server carried out by a crypto wallet drainer called Angel Drainer. Blockchain security firm SlowMist suggested that the attacker was associated with Russia.

Losses to Web3 projects increased dramatically in the third quarter of this year, as compared to Q3 2022, according to a recent report from security platform Immunefi. Attacks rose from 30% to 76% year-on-year, and losses reached close to $686 million in Q3 2023. The biggest loss in that period was from the Mixin hack on Sept. 25.

Magazine: $3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story