Web3 platform Galxe hit by DNS attack on front-end website
Quick Take
- Galxe’s official website was compromised in a DNS hijack incident.
- The team has advised users not to use the site following the incident.
- A hacker redirected users to a phishing site aiming to steal funds.
The official website of the web3 credentials and rewards platform Galxe was compromised due to a DNS hijack attack on its front-end website, the team confirmed.
The team notified users of the incident, advising them not to use the site. During the attack, hackers executed a DNS exploit to take control of Galxe's official website link and redirected users to a phishing site associated with a malicious contract aiming to steal user funds.
Galxe stated the compromise targeted its account with the domain name registrar, Dynadot.
"We’ve detected a security breach affecting the DNS record for 'galxe.com' through our Dynadot account. Please refrain from visiting the site from all channels while we are resolving the issue," the team said.
The incident has resulted in user losses
The incident appears to have resulted in a loss of funds, with crypto sleuth ZachXBT noting that an address linked to the hacker has received funds from Galxe users.
In total, the hacker’s address received over $160,000 in user funds. The same address was tied to the attacker who executed a similar DNS hijack on the Balancer decentralized exchange on Sept. 20.
Galxe is a web3 platform that allows developers to leverage digital credential data and NFTs to reward users for their participation in various crypto activities. Users receive custom reward programs from projects and developers for attending community events, participating in governance tasks, or completing incentivized activities.
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
