Link copied 
The popular Web3 platform, Galxe, experienced a significant disruption recently when its website became inaccessible for nearly an hour on October 6th. This incident was quickly traced back to a security breach targeting its Domain Name System (DNS) record. The company quickly took to X, formerly known as Twitter, advising users to exercise caution and refrain from accessing their site until the situation was addressed.
Despite these warnings and subsequent restoration of the website, several users on X pointed out that the site appeared to be blocked by Google. Delving into the issue, a well-regarded Web3 cybersecurity agency disclosed that Galxe's DNS records had been manipulated. The alteration was set to reroute users to a deceptive site designed to illicitly access and deplete their wallets.
In a concerning turn of events, crypto investigator ZachXBT shared that an unidentified wallet associated with this deceptive site was collecting funds even after Galxe's website was operational again. He pinpointed the accumulated amount at around $160,000, based on data from DeBank.
Notably, ZachXBT also hinted at a potential connection between this security lapse and a prior attack on the Balancer protocol which took place on September 19th. Balancer faced two consecutive attacks within a month, with the latter causing a significant loss of $238,000. After analyzing the pattern, Balancer identified the tactics as a social engineering assault on their DNS server. The foul play was attributed to a cryptocurrency wallet hacker, known as Angel Drainer. Adding another layer to the intrigue, SlowMist, a blockchain security enterprise, posited that the culprits might have ties to Russia.
Unfortunately, the Web3 space has seen a surge in security breaches. As per Immunefi's recent analysis, the third quarter of 2023 witnessed a sharp rise in attacks on Web3 projects, with an astounding 76% increase compared to 2022's same third quarter. These breaches resulted in nearly $686 million in losses.
Addressing the situation, a Galxe representative reached out to Cointelegraph. They assured the public that the Galxe domain was reclaimed by the morning of October 6 and that protective measures had been intensified. They emphasized the security of user funds and data, provided no transactions were approved in the last eight hours on the platform. The spokesperson also confirmed collaboration with law enforcement to rectify the situation.
