On October 6, the website of Web3 community platform Galxe was offline for approximately an hour. Galxe reported on X (Twitter) that its website was down; although the site has since been restored, the company still warns against using it.
Forty minutes later, it posted an update confirming that a security breach had compromised the company’s Domain Name System (DNS) record. It advised against visiting its website until the issue was resolved.
At the time of writing, Galxe has yet to confirm that its website is secure again. Some X users reported that Google had barred the website after it was restored.
A Web3 cybersecurity service explained:
“Their DNS records have been modified to redirect to a phishing website that drains users’ wallets.”
ZachXBT, a crypto detective, has reported that Galxe is the victim of a theft. After the Galxe website was brought back online, the wallet that ZachXBT linked to the exploit continued to collect funds, and at 17:15 UTC its balance hovered around $160,000.
ZachXBT suggested a connection between the Galxe exploiter and the attacker behind the September 19 Balancer protocol attack. That attack was the second against Balancer within a month.
The second attack on Balancer resulted in $238,000 in damages. The Balancer team described the incident as a social engineering attack on its DNS server by Angel Drainer, a crypto wallet drainer. SlowMist, a blockchain security company, suggested that the perpetrator had ties to Russia.
According to a recent report from the security platform Immunefi, Web3 initiatives suffered a significant increase in losses during the third quarter of this year compared to the same period in 2022.
In the third quarter of 2023, attacks increased from 30% to 76% year-over-year, and losses approached $686 million. The September 25 Mixin breach resulted in the period’s most significant loss.