The official website of the web3 credentials and rewards platform Galxe was compromised due to a DNS hijack attack on its front-end website, the team confirmed.
The team notified users of the incident, advising them not to use the site. During the attack, hackers executed a DNS exploit to take control of Galxe’s official website link and redirected users to a phishing site associated with a malicious contract aiming to steal user funds.
Galxe stated the compromise targeted its account with the domain name registrar, Dynadot.
“We’ve detected a security breach affecting the DNS record for ‘galxe.com’ through our Dynadot account. Please refrain from visiting the site from all channels while we are resolving the issue,” the team said.
The incident has resulted in user losses
The incident appears to have resulted in a loss of funds for some user, with crypto sleuth ZachXBT noting that an address linked to the hacker has received funds from Galxe users.
So far, the hacker’s address has amassed over $140,000 in user funds. The same address was tied to the attacker who executed a similar DNS hijack attack on the Balancer exchange on Sept. 20.
Galxe is a web3 platform that allows developers to leverage digital credential data and NFTs to reward users for their participation in various crypto activities. Users receive custom reward programs for attending community events, participating in governance tasks, or completing an incentivized testnet activity.
