Cointime

Cointime

Download App
iOS & Android

Galxe protocol experiences DNS attack, losses top $150K and still growing

The website of Web3 community platform Galxe was offline for about an hour on Oct. 6. Galxe reported on X (formerly Twitter) that its website was down at 14:44 UTC, confirming 40 minutes later that it had experienced a security breach affecting its Domain Name System (DNS) record. It warned against visiting the domain until the situation was remedied. 

At the time of writing, Galxe had not confirmed that its website was safe to use again. After the website was restored, some X posters were reporting that it was blocked by Google.

One Web3 cybersecurity service explained:

“Their DNS records have been modified to redirect to a phishing web-site that drains users wallets.”

Crypto detective ZachXBT reported that funds were being stolen from Galxe. The wallet ZachXBT linked to the exploit continued to gather funds after the Galxe website came back online, hovering around $160,000 at 17:15 UTC, according to DeBank.

ZachXBT suggested a link between the Galxe exploiter and the party that attacked the Balancer protocol on Sept. 19. That was the second attack on Balancer in the span of a month.

The second attack on Balancer led to losses of $238,000. The Balancer team called the incident a social engineering attack on its DNS server carried out by a crypto wallet drainer called Angel Drainer. Blockchain security firm SlowMist suggested that the attacker was associated with Russia.

Losses to Web3 projects increased dramatically in the third quarter of this year, as compared with Q3 2022, according to a recent report from security platform Immunefi. Attacks rose from 30% to 76% year-on-year, and losses reached close to $686 million in Q3 2023. The biggest loss in that period was from the Mixin hack on Sept. 25. 

At 21:25 UTC, a spokesperson for Galxe contacted Cointelegraph to provide a statement that she said would later be posted on X. The statement read, “The Galxe website is offline. We will bring it back online once the correct DNS records are propagated globally. Your funds and information are safe as long as no approval of any transaction on Galxe has been made in the past 8 hrs. […] We took back the domain ownership at 9am PST, October 6th, and enhanced the security protection of the account with [domain registrar service] Dynadot. […] In our efforts to address this situation, we have engaged with the appropriate law enforcement authorities. 

Comments

All Comments

Recommended for you

  • Cointime精选 ·

    BitVM – The first real path to Bitcoin Layer-2s

    The recent approval of Bitcoin spot ETFs and bullish BTC price action have become a catalyst for heightened interest in the Bitcoin ecosystem. A myriad of projects aiming to improve Bitcoin’s scalability have been introduced in recent times, the most exciting of them being BitVM.

    BitVM – The first real path to Bitcoin Layer-2s
  • Messari ·

    State of Safe Q1 2024

    With over $100 billion of assets stored in 8+ million deployed smart accounts, Safe is one of the go-to solutions for smart contract wallets. Previously called Gnosis Safe, Safe aims to create the standard for ownership with smart accounts.

    State of Safe Q1 2024
  • Messari ·

    State of LayerZero Q1 2024

    Though blockchains are designed to be secure, it is difficult to communicate securely between networks. LayerZero is an interoperability protocol that allows secure communication between over 60 networks.

    State of LayerZero Q1 2024

  • BlackRock BUIDL reaches $375 million, surpassing Franklin Templeton to become the largest tokenized Treasury fund

    CoinDesk, on-chain data shows that BlackRock's BUIDL fund grew by $70 million last week, bringing its total size to $375 million, surpassing Franklin Templeton to become the largest tokenized government bond fund.

  • Backed raises $9.5 million in funding round led by Gnosis for tokenization of real-world assets

    Backed, a Switzerland-based tokenized asset issuer, has raised $9.5 million in a funding round led by Gnosis. The company aims to speed up its private tokenization offering and onboard asset managers to blockchain rails with the investment. Tokenization of real-world assets is becoming increasingly popular, with the market for RWAs predicted to reach $10 trillion by the end of the decade. Backed has already issued over $50 million worth of tokenized RWAs, including ERC-20 compatible token versions of exchange-traded funds and individual stocks like Coinbase and Tesla.

  • London-based X10 raises $6.5M to expand hybrid crypto exchange operations

    London-based hybrid crypto exchange company X10 has raised $6.5m in funding from investors including Tioga Capital, Semantic Ventures, Cherry Ventures, Starkware, and Cyber fund, as well as executives from Revolut and the founder of Lido, Konstantin Lomashuk. The funds will be used to expand operations and development efforts. X10 offers a hybrid model that combines the centralized exchange experience with the benefits of DeFi, including on-chain trade settlement, validation, and self-custody. The exchange also provides a customizable web interface, advanced market and portfolio analytics, and premier on- and off-ramping options provided through trusted global partners.

  • Hong Kong Monetary Authority: Crypto assets (especially stablecoins) are one of the key work priorities in 2024

    Hong Kong Monetary Authority (HKMA) official website released the "2023 Annual Report", which includes the financial statements of foreign exchange funds and its "2023 Sustainable Development Report". The 2024 work focus and outlook section of the annual report includes encrypted assets (especially stablecoins), and the HKMA pointed out that public consultations on regulating stablecoin issuers will be conducted from December 2023 to February 2024. The HKMA will work with the government to promote relevant legislative work and will continue to communicate with different stakeholders in formulating and implementing relevant regulatory regimes, as well as paying attention to market developments and relevant international discussions. At the same time, the HKMA will implement a stablecoin "sandbox" arrangement to promote exchanges of views with the industry on proposed regulatory regimes and requirements, and to enhance the stability, cryptographic assets, and financial innovation of non-bank financial intermediaries. The HKMA will focus on virtual asset-related products and will refer to the latest market developments and revisions to international standards in the relevant processes. To promote sustainable and responsible development of the virtual asset industry, the HKMA will continue to work with the government and other regulatory agencies to ensure the establishment of a robust, comprehensive, and balanced regulatory framework for the virtual asset industry.

  • BONKKILLER is a Pixiu scam, and has withdrawn more than 3,000 SOL liquidity

    SolanaFloor disclosed on X platform that Meme coin BONKKILLER on Solana chain is a honeypot scam, and after freezing the token sales of users, the project party has withdrawn liquidity of over 3000 SOL.

  • Crypto accounting firm H&T completes $10 million in financing

    Harris and Trotter Digital Assets (H&T), a crypto accounting firm that provides comprehensive services to approximately 500 native cryptocurrency clients, has completed a $10 million financing round with Orbs leading and Re7 Capital and Kingsway Capital participating.

  • Liquid staking protocol MilkyWay raises $5 million in funding

    The mobile pledge agreement MilkyWay raised $5 million in seed round financing led by Binance Labs and Polychain Capital. Other investors in this round of financing include Hack VC, Crypto.com Capital, and LongHash Ventures.

Daily Must-Read

Popular Activities

Delysium $AGI & AI Private Yacht Party

Delysium $AGI & AI Private Yacht Party

March 27 - March 27
Seoul

Popular Tags

Cointime
News
Contents
RSS
Company