On October 6th, the website of the Web3 community platform Galxe experienced an outage that lasted approximately one hour, raising concerns over security breaches in the blockchain space. Galxe took to X (formerly Twitter) to report the incident, confirming at 15:24 UTC that they had encountered a security breach affecting their Domain Name System (DNS) record. As a precaution, they warned users against visiting their domain until the situation was fully resolved.
As of the time of this report, Galxe had not yet confirmed that their website was safe to use again, leaving users in a state of uncertainty. Additionally, some X users reported that the Galxe website appeared to be blocked by Google after it was restored.
Crypto investigator ZachXBT brought to light allegations of funds being stolen from Galxe during the breach. The wallet linked to the exploit continued to accumulate funds even after the Galxe website was brought back online, with an estimated value of around $160,000 as of 17:15 UTC, according to DeBank.
ZachXBT also suggested a potential connection between the Galxe exploiter and the party responsible for an attack on the Balancer protocol on September 19th. This marked the second attack on Balancer within a month, resulting in losses totaling $238,000. The Balancer team characterized the incident as a social engineering attack on its DNS server, orchestrated by a crypto wallet drainer known as Angel Drainer. Blockchain security firm SlowMist hinted at possible ties between the attacker and Russia.
This security breach adds to a growing trend of rising losses in the Web3 space. A recent report from security platform Immunefi highlighted a significant increase in attacks and losses in the third quarter of 2023 compared to the same period in 2022. Year-on-year, attacks surged from 30% to 76%, resulting in losses reaching nearly $686 million. Notably, the largest loss in this period stemmed from the Mixin hack on September 25th.
In response to the incident, a spokesperson for Galxe issued a statement, assuring users that their funds and information were secure as long as no transactions had been approved on Galxe in the past eight hours. Galxe also revealed that they had regained domain ownership and bolstered security with domain registrar service Dynadot. They further stated their cooperation with law enforcement authorities to address the situation, emphasizing their commitment to ensuring the safety and integrity of their platform.
