SECURITY

Web3 community platform Galxe domain hacked, phishing links lead to user asset loss

share
Web3 community platform Galxe domain hacked, phishing links lead to user asset loss

The community platform Galxe website, which provides Web3 credentials and rewards, was hacked, and users' assets linked to wallets were compromised. The official website was shut down last night, and on the morning of 10/7, the officials announced that they had regained control.

Galxe Domain Hacked, Users Phished

On the evening of 10/6, Galxe warned users not to link their wallets to Galxe.com due to a security vulnerability involving the domain management company Dynadot and its DNS records.

The official website was shut down at that time, and on the morning of 10/7, the official statement confirmed that control had been regained. The platform will be reopened once all phishing domain records worldwide are cleared.

If users have mistakenly linked their wallets, the official recommendation is to revoke permissions using revoke.cash for the following address:

0x0000eaab14253e1421aef4F48eE539F2653C0000

Official Statement: Impersonation Resulted in $270,000 Loss

Galxe's official statement revealed that unidentified individuals impersonated Galxe's domain management company Dynadot account, manipulated URL redirects, and provided phishing links to deceive users into sending funds.

An estimated 1,120 users interacted with the malicious website, resulting in approximately $270,000 being stolen.

Blockchain Detective: Potentially Linked to Balancer Hackers

Blockchain detective Zach suggested that the addresses to which the stolen funds were sent appear to be linked to the same individual involved in the previous Balancer front-end hack incident.