Galxe protocol suffers DNS attack; damages exceed $150K and continue to rise
October 7, 2023 6:31 AM
The website for the Web3 platform has been restored, but the business still advises against using it. The intrusion could be related to the Balancer attack in September.
On October 6, the website of Web3 community platform Galxe went down for nearly an hour. Galxe stated on X (previously Twitter) at 14:44 UTC that its website was offline, and 40 minutes later confirmed that it had encountered a security breach impacting its Domain Name System (DNS) record. It advised against visiting the domain until the problem was resolved.
Galxe had not confirmed that its website was safe to use again at the time of writing. Following the restoration of the website, several X posters reported that it had been blacklisted by Google.
According to one Web3 cybersecurity service:
"Their DNS records were successfully altered so they redirect towards a fraudulent website that steals users' wallets."
ZachXBT, a crypto investigator, alleged that monies were being stolen from Galxe. According to DeBank, the wallet ZachXBT related to the hack continued to accumulate cash when the Galxe website was restored, hovering around $160,000 at 17:15 UTC.
ZachXBT proposed a link between the Galxe exploiter and the entity responsible for the Balancer protocol assault on September 19. This was the second attack on Balancer in a month.
The second attack on Balancer resulted in a $238,00 loss. The Balancer team described the event as a social engineering attack on their DNS server by Angel Drainer, a crypto wallet drainer. SlowMist, a blockchain security outfit, speculated that the attacker was Russian.
According to new research from security platform Immunefi, losses to Web3 projects increased considerably in the third quarter of this year compared to Q3 2022. Attacks increased from 30% to 76% year on year, with losses approaching $686 million in Q3 2023. The Mixin hack on September 25 caused the most damage within that time period.