On October 6, multiple users reported that their assets were stolen after authorizing the Galxe platform, a Web3 credential data network. Galxe has taken down the website while working to fix the problem. Today, Galxe announced that it has restored control of the domain name, and a preliminary assessment is that the total amount of damaged funds is less than US$200,000. On-chain detective ZachXBT said that the address to which Galxe’s stolen funds were transferred may be the same attacker who recently attacked the Balancer front-end.
Although DeFi contracts are theoretically free from human intervention after deployment, most front-ends are still implemented through traditional architectures, and there are potential threats in domain names, network services, servers, storage services, etc. The earlier Curve pool vulnerability, unlike most cryptocurrency hacking incidents, had nothing to do with the smart contract itself, but with the underlying compiler. Hacker attack methods are becoming increasingly diverse and market opportunities are gradually shrinking, which means that hackers need newer and unexplored entry points to explore.