The Web3 Galxe community platform’s website was offline for about an hour on October 6. Galxe reported on X (Twitter) that its website was down at 14:44 UTC and 40 minutes later posted an update confirming that it had suffered a security breach. Which affects the company’s Domain Name System (DNS) record. He warned against visiting his domain until the situation is addressed.
Galxe has not confirmed that its website is safe to use again at the time of writing. After the website was restored, some X posters reported that it had been blocked by Google.
Dear Galaxy Community,
We recognize the impact of recent events on our users and are working quickly to take remedial action. The Galxe security team continues to take a rigorous approach to protecting your data, funds, and digital assets.
Steps you should take:
– Jalex (@jalex) October 6, 2023
One stop cybersecurity service Web3 to explain:
“Their DNS records were modified to redirect to a phishing website that drains users’ wallets.”
Cryptocurrency investigator ZachXBT reported funds stolen from Galxe. The wallet linked to the exploit by ZachXBT continued to raise funds after the Galxe website came back online, and was worth around $160,000 at 17:15 UTC.
ZachXBT suggested a link between the Galxe exploit and the party that attacked the Balancer protocol on September 19. This was the second attack on Balancer within a month.
Once you connect to Galxe, you will be asked for consent.
If you agree by logging into WEB3 as usual, all assets will be removed.
Please respond and spread the word. pic.twitter.com/W51Bdd78KU
– Zorba (@OHzorba) October 6, 2023
The second attack on Balancer resulted in losses of $238,000. The Balancer team described the incident as a social engineering attack on its DNS server that was carried out by a cryptocurrency wallet drainer called Angel Drainer. Blockchain security firm SlowMist indicated that the attacker was linked to Russia.
$148,000 has already been stolen by Galxe hacker.
The hacker uses the same smart contract on 10 networks:
Please cancel this smart contract as soon as possible at:
❍ BNB Chain
— FIP encryption (@FIP_Crypto) October 6, 2023
Losses on Web3 projects increased significantly in the third quarter of this year, compared to the third quarter of 2022, according to a recent report from security platform Immunefi. Attacks rose from 30% to 76% year-on-year, and losses reached nearly $686 million in the third quarter of 2023. The largest loss in that period was from the Mixin hack on September 25.
Magazine: $3.4 Billion Bitcoin in a Popcorn Jar: The Story of the Silk Road Pirates