The website of Web3 community platform Galxe was offline for about an hour on Oct. 6. Galxe reported on X (formerly Twitter) that its website was down at 14:44 UTC, confirming 40 minutes later that it had experienced a security breach affecting its Domain Name System (DNS) record. It warned against visiting the domain until the situation was remedied.
At the time of writing, Galxe had not confirmed that its website was safe to use again. After the website was restored, some X posters were reporting that it was blocked by Google.
Dear Galxe Community,
We acknowledge the impact that recent events have had upon our users and are quickly working to take remedial action. The Galxe security team continues to take an aggressive approach to protect your data, funds and digital assets.
Steps You Should Take:
❗️Do…— Galxe (@Galxe) October 6, 2023
One Web3 cybersecurity service explained:
“Their DNS records have been modified to redirect to a phishing website that drains users' wallets.”
Crypto detective ZachXBT reported that funds were being stolen from Galxe. The wallet ZachXBT linked to the exploit continued to collect funds after the Galxe website came back online, hovering around $160,000 at 17:15 UTC, according to DeBank.
ZachXBT suggested a link between the Galxe exploiter and the party that attacked the Balancer protocol on Sept. 19. That was the second attack on Balancer within the span of a month.
Once you connect to Galxe, you’ll be prompted for approval.
If you approve by logging in to WEB3 as usual, all assets might be removed.
Please RT and spread the word. pic.twitter.com/W51Bdd78KU— ZORBA۞ (@OHzorba) October 6, 2023
The second attack on Balancer led to losses of $238,000. The Balancer team called the incident a social engineering attack on its DNS server carried out by a crypto wallet drainer called Angel Drainer. Blockchain security firm SlowMist suggested that the attacker was linked to Russia.
$148k has already been stolen by the Galxe hacker.
The hacker is using the same smart contract on 10 networks:
0x0000d38a234679F88dd6343d34E26DCB50C30000
Please revoke this smart contract ASAP on:
❍ Ethereum
❍ Optimism
❍ Arbitrum
❍ BNB Chain
❍ Base
❍ Polygon
❍… pic.twitter.com/I9SN3FfPYF— FIP Crypto (@FIP_Crypto) October 6, 2023
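The post above asks users to revoke approvals granted to one contract address. As an added example (not code from Galxe, the quoted posters or the article), the following sketch replays ERC-20 `Approval` event logs and reports which tokens still show a non-zero allowance to that address; the owner, token addresses and log entries are constructed, and the log shape is assumed to follow the JSON-RPC `eth_getLogs` format.

```python
# Added example with constructed data; not code from Galxe or the article.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
FLAGGED_SPENDER = "0x0000d38a234679F88dd6343d34E26DCB50C30000"  # address quoted in the post above

def as_topic(address):
    # An indexed address is left-padded to 32 bytes in the topics array.
    return "0x" + "0" * 24 + address[2:].lower()

def topic_to_address(topic):
    return "0x" + topic[-40:].lower()

def outstanding_approvals(logs, owner, spender=FLAGGED_SPENDER):
    """Return {token: amount} for the latest non-zero Approval owner -> spender.
    Logs are replayed in chain order, so a later revoke (amount 0) wins.
    The event shows the last approved amount only; the token's allowance()
    call remains the authoritative value because transferFrom reduces it."""
    owner, spender = owner.lower(), spender.lower()
    latest = {}
    ordered = sorted(logs, key=lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16)))
    for log in ordered:
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # ERC-721 Approval shares topic0 but carries 4 topics
        if topic_to_address(topics[1]) != owner or topic_to_address(topics[2]) != spender:
            continue
        latest[log["address"].lower()] = int(log["data"], 16)
    return {token: amount for token, amount in latest.items() if amount > 0}

# Constructed sample: hypothetical wallet, tokens and a second, unrelated spender.
OWNER = "0x" + "11" * 20
TOKEN_A, TOKEN_B = "0x" + "aa" * 20, "0x" + "bb" * 20
OTHER_SPENDER = "0x" + "22" * 20

def _log(token, spender, amount, block, extra_topics=()):
    return {"address": token, "blockNumber": hex(block), "logIndex": "0x0",
            "topics": [APPROVAL_TOPIC, as_topic(OWNER), as_topic(spender), *extra_topics],
            "data": "0x" + format(amount, "064x")}

SAMPLE_LOGS = [
    _log(TOKEN_B, FLAGGED_SPENDER, 0, 0x12),           # revoke, listed out of order
    _log(TOKEN_A, FLAGGED_SPENDER, 2**256 - 1, 0x10),  # unlimited approval, never revoked
    _log(TOKEN_B, FLAGGED_SPENDER, 500, 0x11),
    _log(TOKEN_A, OTHER_SPENDER, 1000, 0x13),          # different spender
    _log(TOKEN_A, FLAGGED_SPENDER, 0, 0x14, extra_topics=(as_topic(OWNER),)),  # 4 topics, ignored
]

if __name__ == "__main__":
    for token, amount in outstanding_approvals(SAMPLE_LOGS, OWNER).items():
        print(token, hex(amount))
```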
Losses to Web3 projects increased dramatically in the third quarter of this year, as compared with Q3 2022, according to a recent report from security platform Immunefi. Attacks rose from 30% to 76% year-on-year, and losses reached close to $686 million in Q3 2023. The largest loss in that period was from the Mixin hack on Sept. 25.
At 21:25 UTC, a spokesperson for Galxe contacted Cointelegraph to provide a statement that she said would later be posted on X. The statement read, “The Galxe website is offline. We will bring it back online once the correct DNS records are propagated globally. Your funds and data are safe as long as no approval of any transaction on Galxe has been made in the past 8 hrs. […] We took back the domain ownership at 9am PST, October 6th, and enhanced the security protection of the account with [domain registrar service] Dynadot. […] In our efforts to address this situation, we’ve engaged with the appropriate law enforcement authorities.”
Update on Oct. 6, 21:45 UTC: This article has been updated to include a statement provided by Galxe.