A Debilitating DNS Attack on Galxe Protocol Siphons Over $150,000 and Counting
Galxe protocol suffered a DNS attack resulting in over $150,000 in damages. Suspicion arises about a connection to a previous attack on Balancer.
- Galxe protocol experiences a damaging DNS attack with a one-hour website outage.
- Ongoing financial peril as funds continue to be drained, reaching around $160,000.
- Suspicions rise regarding connections between the Galxe and previous Balancer attacks.
- Despite restoration, the Galxe website’s security remains questionable, with users warned of potential threats.
In a tangible tremor through the decentralized space, Galxe, a prominent Web3 platform, succumbed to a severe DNS (Domain Name System) attack, witnessing a service disruption and ongoing financial hemorrhage exceeding $150,000. This event unfolded on October 6th, with the platform’s website plunging into an hour-long outage, culminating in a palpable echo of concern amidst the crypto community.
In posts on platform X (the new avatar of what was once Twitter), Galxe notified its community of the outage beginning at 14:44 UTC and, in an update 40 minutes later, acknowledged a security breach impacting its DNS records. This incident precipitated cautionary advisories from Galxe, discouraging users from accessing its domain amid the turmoil.
Even in the wake of the website’s revival, its safety remains shrouded in skepticism. A cascade of X user reports cite Google blocking access to the Galxe website, with alarming messages warning, “Their DNS records have been altered to redirect to a phishing website that siphons users’ wallets.”
The financial wounds inflicted by the DNS assault deepened even with the website ostensibly back online. Noted crypto investigator, ZachXBT, delineated the grim scenario as funds continued to seep into the wallet associated with this exploitative attack. By 17:15 UTC, its balance ominously swelled to approximately $160,000, as per DeBank data.
“Their DNS records have been modified to redirect to a phishing web-site that drains users wallets. Losses top $150K+” #DeadPXLZ holders can rest assured this type of malicious activity is actively monitored by S3 to ensure a secure user experience. https://t.co/llemtrYUZX
— S³ (@StratousSec) October 8, 2023
Moreover, ZachXBT sparked intrigue by suggesting a possible link between the adversary behind the Galxe attack and the entity behind a September 19th assault on Balancer protocol. The latter event marked the second DNS attack on Balancer within a mere month, the first scalding the platform with losses upward of $238,000 and being orchestrated by a crypto wallet exploiter, dubbed Angel Drainer.
A statement from Galxe, expected to be broadened on X, asserts, “The Galxe website is currently offline. We will reinstate it once the correct DNS records are globally propagated. Rest assured, your funds and information remain secure as long as no approval for any transaction on Galxe has been granted in the past 8 hours…”
The intrusion into Galxe’s domain serves as an acute reminder of the peril overshadowing the digital asset domain, underscored by a 76% YoY surge in attacks on Web3 projects in Q3 2023, culminating in nearly $686 million in losses. Such incidents ignite pertinent discourse on the robustness and resilience of security frameworks enveloping decentralized platforms, impelling a reevaluation and fortification of existing protocols.
Addressing these cybersecurity gaps, especially with the proliferation of DeFi and Web3 platforms, mandates a harmonized strategy involving technological advancements, regulatory scaffolding, and community awareness to foster a secure and thriving digital asset ecosystem. This involves not only mitigating immediate threats but also forging ahead with innovative solutions that preemptively neutralize future security challenges in the burgeoning decentralized landscape.