In a recent cybersecurity incident, the Web3 platform’s community forum, Galxe Protocol, fell victim to a malicious attack on its Domain Name System (DNS) records, resulting in significant financial losses. The attack, which occurred on October 6, disrupted the platform’s services for approximately an hour. Galxe Protocol took to social media to alert its users and advise against accessing its website until the situation could be resolved. As of now, the platform has yet to confirm that it is completely secure for use, and some reports indicate that Google has blocked access to the site.
Galxe Protocol faces DNS attack and ongoing losses
The severity of the breach became evident when crypto detective ZachXBT reported that the attackers had redirected Galxe’s DNS records to a phishing website aimed at siphoning users’ cryptocurrency wallets. The attackers managed to steal funds from Galxe users, and even after the platform restored its website, the exploit continued to collect funds, accumulating around $160,000 by 17:15 UTC, according to DeBank.
Moreover, ZachXBT has suggested a potential connection between this Galxe Protocol attack and a previous incident involving the Balancer protocol on September 19. The Balancer protocol suffered a similar DNS attack, resulting in losses of $238,000. The Balancer team identified the incident as a social engineering attack on its DNS server, allegedly orchestrated by a crypto wallet drainer known as Angel Drainer. Security experts from the blockchain security firm SlowMist raised suspicions that the attacker had ties to Russia.
Rising Web3 project losses highlight the growing threat landscape
The assault on the Galxe Protocol is just one example of a concerning trend within the Web3 ecosystem. A recent report from the cybersecurity platform Immunefi reveals a significant increase in losses for Web3 projects during the third quarter of 2023 when compared to the same period in the previous year. The report indicates that attacks on Web3 projects surged from 30% to 76% year-on-year, with losses totaling nearly $686 million during Q3 2023.
The most substantial loss during this period was attributed to the Mixin hack, which occurred on September 25. These mounting losses underscore the growing challenges faced by Web3 platforms in safeguarding their assets and user data from a relentless wave of cyberattacks.
Galxe Protocol’s response and ongoing investigations
Amid the turmoil, a spokesperson for Galxe Protocol issued a statement, reassuring users about the safety of their funds and information. The statement clarified that the Galxe website remains offline until the correct DNS records are propagated globally. Notably, the platform regained domain ownership on October 6th at 9 a.m. PST and bolstered the security of its account through the domain registrar service Dynadot.
Furthermore, the Galxe Protocol has taken proactive steps to address the situation by engaging with relevant law enforcement authorities. This cooperation underscores the severity of the incident and the platform’s commitment to holding the attackers accountable for their actions.
The recent DNS attack on Galxe Protocol serves as a stark reminder of the persistent threats facing Web3 platforms and the broader cryptocurrency ecosystem. As Web3 projects continue to evolve and expand, so too do the tactics of malicious actors seeking to exploit vulnerabilities. The ongoing investigation into this incident will likely shed more light on the culprits behind the attack and may lead to enhanced security measures within the Web3 community to safeguard against future threats.