Vote for Cryptopolitan on Binance Square Creator Awards 2024. Click here to support our content!

User backlash sweeps across Galxe community post-DNS hijack

User backlash sweeps across Galxe community post-DNS hijack
380509
Share link:

In this post:

  • Galxe’s DNS hijack on October 6 diverted users to a phishing site, leading to unauthorized fund transfers and accumulating losses of around $160,000.
  • The incident is part of a larger trend of rising attacks on Web3 projects, with Q3 2023 losses nearing $686 million.
  • Despite efforts to rectify the situation and liaise with law enforcement, some Galxe users expressed dissatisfaction with reports of ongoing unauthorized access even after announced rectification measures.

On October 6, the Web3 community platform Galxe suffered a DNS hijacking incident, which sent shockwaves through the digital asset ecosystem. The malevolent act saw the platform’s official website temporarily commandeered by nefarious actors, who diverted unsuspecting users to a phishing site with sinister intentions of pilfering funds​.  The platform’s team promptly cautioned users against accessing the site to avoid falling victim to this scam.

At 14:44 UTC, the Galxe platform realized its official website was offline. Upon further scrutiny, the team discerned a grave security breach affecting its Domain Name System (DNS) record. They swiftly acknowledged the breach and cautioned users against visiting the domain until they rectified the situation. About 40 minutes later, they confirmed the unfortunate incident to their community​.

The fallout from the DNS hijack was immediate and financially draining. Crypto sleuths such as ZachXBT quickly identified that an address linked to the hacker was accumulating funds from Galxe users. 

At 17:15 UTC, the ill-gotten gains hovered around the $160,000 mark, revealing the enormity of the crisis at hand. Moreover, evidence surfaced linking this malicious activity to a similar DNS hijack on the Balancer decentralized exchange on September 20, hinting at a pattern of targeted DNS attacks within the crypto community.

The gravity of the situation exacerbated as the website came back online, with some users still reporting unauthorized fund transfers. The hacker seemingly exploited a smart contract across various networks, including Ethereum, Optimism, and Arbitrum, among others, exhibiting a high level of sophistication and understanding of the crypto space​.

Read Also  TrueUSD client data exposed in security breach linked to third-party vendor

The Galxe incident is part of a worrying trend, as Web3 projects have been increasingly targeted by hackers. A report from security platform Immunefi highlighted a dramatic rise in attacks on these projects, with losses amounting to approximately $686 million in Q3 2023 alone.

Community reactions

Post-incident, Galxe’s spokesperson relayed a message to the public, assuring them that steps were being undertaken to bring the website back online safely. The spokesman stated that around 9 a.m. PST on October 6, domain ownership of the site had been reclaimed, and security measures were enhanced with the assistance of domain registrar service Dynadot. Additionally, the spokesperson said that the team liaised with law enforcement authorities to investigate the matter further and prevent such occurrences in the future. 

It is important to know that despite the update from Galxe, some users expressed dissatisfaction.  One user claimed that their wallet got hacked despite the announcement that the site has fully recovered. 

https://twitter.com/OxBorat999/status/1710876856201990517?s=20

Galxe is a platform built on web3 technology that enables developers to utilize digital credential data and NFTs (non-fungible tokens) to incentivize users for their involvement in a range of crypto-related activities. Participating users can earn customized rewards from projects and developers by attending community events, engaging in governance tasks, or completing incentivized activities.

A Step-By-Step System To Launching Your Web3 Career and Landing High-Paying Crypto Jobs in 90 Days.

Share link:

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Editor's choice

Loading Editor's Choice articles...

Stay on top of crypto news, get daily updates in your inbox

Most read

Loading Most Read articles...
Subscribe to CryptoPolitan