At about 10:00 pm on October 6, the attack caused damage to the assets of multiple users, with a loss of approximately $200,000.
The attack was carried out via DNS hijacking, redirecting users to malicious websites and stealing funds when they connected their wallets.
Galxe officials have shut down the Galxe website. They remind users not to visit the Galxe website or connect their wallets to Galxe, and call on users to transfer funds associated with their Galxe accounts to new wallets. They have also provided an address (0x0000eaab14253e1421aef4F48eE539F2653C0000) that users can use with revoke.cash to revoke access permissions.
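As an added example (not from Galxe or the original article), the Python below replays ERC-20 `Approval` event logs in chain order and lists the allowances a wallet still has open to a flagged spender, which is the check to run before and after revoking. It assumes the address in the notice above is the spender to revoke; the token addresses, owner address and log entries are constructed sample data.

```python
# Added example; every log entry in SAMPLE_LOGS is constructed sample data.
# keccak256("Approval(address,address,uint256)"): the ERC-20 Approval event topic.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
# Address from the Galxe notice quoted above; assumed here to be the spender to revoke.
FLAGGED_SPENDER = "0x0000eaab14253e1421aef4F48eE539F2653C0000"

def topic_to_address(topic):
    """An indexed address is left-padded to 32 bytes; keep the low 20 bytes."""
    raw = topic[2:] if topic.startswith("0x") else topic
    if len(raw) != 64:
        raise ValueError("topic must be 32 bytes")
    return "0x" + raw[-40:].lower()

def open_approvals(logs, spender):
    """Return {(token, owner): allowance} for non-zero allowances held by spender."""
    spender = spender.lower()
    state = {}
    # A later Approval overwrites an earlier one, so replay in chain order.
    for entry in sorted(logs, key=lambda e: (e["blockNumber"], e["logIndex"])):
        topics = entry["topics"]
        # ERC-20 Approval carries 3 topics; ERC-721 reuses the hash with 4.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(topics[2]) != spender:
            continue
        key = (entry["address"].lower(), topic_to_address(topics[1]))
        state[key] = int(entry["data"], 16)
    return {key: value for key, value in state.items() if value > 0}

def pad(addr):
    """Build a 32-byte topic from a 20-byte address (helper for the sample data)."""
    return "0x" + "0" * 24 + addr[2:].lower()

# Constructed addresses: two tokens, one wallet owner, one unrelated spender.
TOKEN_A, TOKEN_B = "0x" + "aa" * 20, "0x" + "bb" * 20
OWNER, OTHER = "0x" + "11" * 20, "0x" + "22" * 20

def make_log(token, block, index, spender, value, topic0=APPROVAL_TOPIC):
    return {"address": token, "blockNumber": block, "logIndex": index,
            "topics": [topic0, pad(OWNER), pad(spender)], "data": hex(value)}

SAMPLE_LOGS = [
    make_log(TOKEN_A, 120, 0, FLAGGED_SPENDER, 0),           # revocation, listed out of order
    make_log(TOKEN_A, 100, 3, FLAGGED_SPENDER, 2**256 - 1),  # unlimited approval
    make_log(TOKEN_B, 110, 1, FLAGGED_SPENDER, 5000),        # still open
    make_log(TOKEN_B, 111, 0, OTHER, 10),                    # different spender
    make_log(TOKEN_B, 112, 0, FLAGGED_SPENDER, 7, "0x" + "00" * 32),  # not an Approval
]

if __name__ == "__main__":
    for (token, owner), amount in open_approvals(SAMPLE_LOGS, FLAGGED_SPENDER).items():
        print(f"revoke: token={token} owner={owner} allowance={amount}")
```

On the sample data only the TOKEN_B allowance is reported, because the TOKEN_A approval was later set to zero.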
The stolen funds have been directed to a specific address (0x4103baBcFA68E97b4a29fa0b3C94D66afCF6163d) that may be linked to a hacker who previously performed a similar attack on the Balancer exchange frontend.
Galxe officials promised to continue investigating the attack in depth, to cooperate with law enforcement agencies, and to share a complete investigation report and fund recovery plan soon. Victims are urged to seek official support through the official Discord.
In short, this attack caused significant losses to Galxe users.
The losses from the Galxe attack are nothing compared to the Mixin network hack on September 25th, which cost nearly $200 million.
Similar incidents abound
Examples include the famous AXS Ronin bridge incident, the cross-chain bridge O3 incident, the CRV protocol vulnerability MEV robot incident, the attack on the Bitrue hot wallet in which about $23 million worth of tokens were stolen, and the theft of nearly $13 million worth of assets from the Korean exchange Gdac.
According to simple statistics, the total losses in the Web3 field due to hacker attacks, phishing scams and project-team rug pulls in the first half of 2023 reached 655.61 million US dollars.
There are many cases of blockchain projects being attacked, which usually involve hackers or malicious behavior, resulting in damage to assets or information. Beginners especially should pay more attention to security precautions. The following are some common types and examples of Web3 project attacks. Knowing more will help you prevent them.
Smart contract vulnerabilities: Smart contracts are a core component of a project, but they can sometimes contain vulnerabilities that allow hackers to break in. For example, in the 2016 DAO attack, hackers successfully exploited a smart contract vulnerability to steal a large amount of Ether.
Exchange theft: Exchanges are a key component of the cryptocurrency ecosystem, but they are often targeted by hackers. For example, Mt.Gox, an early Bitcoin exchange, suffered a large-scale hack in 2014, resulting in the loss of user assets.
Wallet theft: Cryptocurrency wallets are tools for managing and storing digital assets, but they are also vulnerable to hacker attacks. Some wallets may have vulnerabilities or users' private keys may be stolen. For example, the Parity multi-signature wallet suffered a major vulnerability attack in 2017, resulting in a large amount of Ethereum being frozen.
Phishing attack: Malicious actors may trick users into entering their private keys or sensitive information by impersonating legitimate project websites or wallet applications. This type of attack is called a phishing attack.
DeFi arbitrage attacks: DeFi (decentralized finance) projects usually allow users to provide liquidity and conduct arbitrage transactions, but sometimes hackers may exploit contract loopholes or improper means to obtain assets. For example, in the Flash Loan attack in 2020, hackers obtained assets through multiple transactions.
DNS hijacking attack: As in the Galxe incident, hackers can attack the DNS settings of Web3 projects and redirect users to malicious sites to steal funds or information.
Smart Contract Token Vulnerabilities: Sometimes smart contract tokens may have vulnerabilities, resulting in incorrect token issuance or transfer. This situation may result in user losses.
Social engineering attacks: Hackers may use social engineering techniques, such as pretending to be project team members or partners, to trick users into providing private keys or sensitive information.
Please note that the security of blockchain projects is an ongoing challenge, and users need to take appropriate security measures to protect their assets and information. This includes reviewing smart contract code, using secure wallets, being wary of phishing attacks, and keeping security measures up to date.
Blockchain security has always been one of the hot spots pursued by this market. If you find a project in the market that is engaged in security construction and can solve most security problems, you must start with it, because it will have considerable room for development in the future.
At the end of the article, I would like to share with you a personal experience that has already entered the market.
The cover image is its two-day line
The biggest basis is $MKR's good brother