On October 6, the community platform website Galxe was inaccessible for about an hour. Galxe announced on X (formerly Twitter) that its site was offline. Less than an hour later, the company confirmed that it had fallen victim to a security breach affecting its domain name system (DNS) and recommended that users not visit its domain until the issue was resolved.
The Galxe Hack Is Not an Isolated Incident
Although the website has since been restored, Galxe has not yet confirmed its security status. After the restoration, some users reported that Google was blocking the site. Galxe’s DNS records appeared to have been modified to redirect visitors to a phishing site that empties users’ wallets.
Crypto detective ZachXBT reported that funds were stolen from Galxe. The wallet associated with this hack, identified by ZachXBT, continued to receive funds even after Galxe’s website came back online, totaling approximately $160,000 as of 7:15 pm.
ZachXBT mentioned a possible connection between the Galxe hack and the one targeting the Balancer protocol on September 19, which was the second attack on Balancer in a month. The previous attack resulted in losses of $238,000. The Balancer team described the incident as a social engineering attack on its DNS server orchestrated by a crypto wallet-draining specialist named Angel Drainer. Blockchain security company SlowMist suggested a potential association of the attacker with Russia.