Web3 credentials and rewards platform Galxe has announced a refund of just over $396,000 to the victims of last week’s DNS attack. An additional 10% on the lost funds has also been promised by the team.
The DNS hijack incident compromised Galxe’s official front-end website. Hackers took control of the website’s link and redirected its users to a phishing site which consisted of a malicious contract in order to steal user funds.
The Galxe team soon notified its users of the exploit, advising them not to use the site. They also confirmed that the compromise targeted its account with the domain name registrar – Dynadot: “We’ve detected a security breach affecting the DNS record for ‘galxe.com’ through our Dynadot account. Please refrain from visiting the site from all channels while we are resolving the issue.”
The incident impacted over 980 users, compromising their user funds. However, Galxe was prompt to devise a comprehensive recovery plan: “To the users who were affected, we recognise the impact of this security incident and have created a comprehensive recovery plan to make you whole.”
Victims of the attack have now been promised compensation in $USDT on the Polygon network. This would be according to the token’s value as of 9 October, 3am PT. Along with this, they will also receive an addition of 10% to the initial loss amount from the project treasury.
The team also clarified that only those users who authenticated transactions on the phishing site were impacted. All other aspects of the site remained uncompromised. Users who think they were affected but aren’t listed or who identify discrepancies in their loss valuation can contact the platform’s support team with their respective evidence for rectification, added Galxe.
The address that carried out last week’s DNS hijack attack was observed to be the same one that was tied to the attacker who executed a similar attack on decentralised exchange Balancer on 20 September.
While the domain name system is a widely used protocol that websites rely on, attackers can exploit issues in DNS in order to carry out malicious activities, as demonstrated in both of these incidents.
Galxe is a Web3 credential data network that aims to help web3 developers and projects leverage on-chain credential tracking to build products and communities. Users can enjoy custom reward programs from projects and developers for attending community events, participating in governance tasks, or completing incentivised activities.
Balancer, on the other hand, is an Ethereum-based Automated Market Maker (AMM) protocol that functions as a decentralised exchange (DEX). It is also a “self-balancing” portfolio management tool and its AMM provides traders with liquidity for their ERC-20 tokens.