Galxe, a Web3 community, faced a breach on October 6, 2023, and as per the X post of an influencer, the hack was carried out by the same hackers that drained Balancer a month ago.
Galxe officials said, “On October 6, an unknown individual contacted their domain service provider Dynadot, impersonating an authorized Galxe member and bypassing the security process with falsified documentation.”
The bad actor then gained unauthorized access to the domain account, which was manipulated to redirect website visitors to a fake site and sign transactions that misappropriated their funds.
The ecosystem further informed that it “ only affected our domain and front-end application. All Galxe smart contracts and technical systems remain safe and protected.”
As per available data on Etherescan, 1,120 users got affected after interacting with the malicious site, and approximately $270K funds were wiped out. The Galxe ecosystem is closely working with law enforcement officers to recover the lost funds.
The hacker(s) conducted a social engineering attack against Dynadot, which is the DNS registrar of our domain Galxe(dot)com; by using forged documents of the account owner, they successfully bypassed Dynadot’s security process and were granted temporary access to Galxe(dot)com’s Dynadot account.
The suspicious activity was traced to IP address 141.98.252.160. The only users affected are those who visited Galxe.com and signed transactions to malicious contracts during the incident.
Major Crypto Hacks Q2 & Q3 2023
Crypto hacks have risen in the third quarter compared to the first and second quarters of 2023. The total amount of funds swiped by bad actors stands around $889 Million.
There were 29 attacks in the DeFi field, accounting for 67.4% of the total incidents. Public chains suffered the highest amount of losses among project types.
Ethereum became the most troubled blockchain, accounting for the highest losses overall, totaling $227 Million. Ethereum also saw the highest number of attacks, reaching 16 times.
There were 9 private critical compromise incidents this quarter, resulting in losses reaching $223 Million, the most common type of attack in the said period. Regarding stolen fund flows, $360 Million (67%) remained in hacker addresses.
On September 25, 2023, Mixin Network reported a hack amounting to $200 Million from its mainnet. However, analysts believe that the attack on the Mixin Network is one of the biggest hacks in Q3 2023.
Curve, a decentralized finance (DeFi) ecosystem, experienced a hack of $73 Million on July 30 due to vulnerabilities in the pools’ coding language. After negotiation with the hackers, the ecosystem retrieved $53 Million from the hacker, while the rest of the amount was offered as bug bounty.
Disclaimer
The views and opinions stated by the author or any people named in this article are for informational ideas only and do not establish financial, investment, or other advice. Investing in or trading crypto or stock comes with a risk of financial loss.
Steve Anderson is an Australian crypto enthusiast. He is a specialist in management and trading for over 5 years. Steve has worked as a crypto trader, he loves learning about decentralisation, understanding the true potential of the blockchain.
Source: https://www.thecoinrepublic.com/2023/10/07/did-balancer-attackers-target-galxe-as-well-the-270k-heist/