Galxe Announces $396,000 Refund After DNS Attack

Galxe, a Web3 credentials and rewards platform, has taken measures to reassure its community in response to last week’s DNS attack. The platform announced a refund totaling slightly over $396,000 for over 980 affected users, along with an additional 10% compensation on the lost funds.

The funds of impacted users will be automatically returned to the wallet addresses from which they were taken unless alternative instructions are provided. The affected users will receive their refunds in Tether (USDT), scheduled to be processed on Oct. 16.

Galxe’s Compensation Plan Underway

The attacker exploited a DNS hijack, redirecting visitors from Galxe’s official website to a malicious phishing site, leaving many users vulnerable. This incident resulted in a compromise of user funds, ing Galxe to develop a comprehensive recovery plan swiftly. The team stated to the affected users that they recognized the impact of this security incident and had created a comprehensive recovery plan to make them whole.

Users who suffered losses are assured compensation in USDT on the Polygon network, valued as of Oct. 9, 3 a.m. PT. Galxe has also committed to supplementing an additional 10% to the initial loss amount from the project treasury as a goodwill gesture.

It was clarified that only users who authenticated transactions on the phishing site were affected during the attack, while all other aspects of the site remained uncompromised. Galxe also encouraged users who believe they were affected but are not listed or identify discrepancies in their loss valuation to reach out to the platform’s support team with relevant evidence for resolution.

Galxe Has Implemented Enhanced Security Measures

In a preliminary estimate as of Oct. 10, losses due to the attack on Galxe were reported to be over $396,000, ying from over $53,000 to just a few cents. Initially, the company had estimated that approximately 1,120 users were affected by the hack.

Charles Wayn, co-founder of the platform, stated that Galxe is collaborating with two security firms to trace the hacked funds. Additionally, the platform has enhanced its domain name and service security settings, changed its domain provider, and initiated security audits.

Wayn explained that the incident was mainly caused by [domain registrar] Dynadot resetting their account information and granting permission to an impersonator who provided fake documentation claiming to be an authorized member of Galxe.

The Galxe protocol is a permissionless self-sovereign identity infrastructure. The native token GAL experienced a drop from $1.20 to $1.15 on Friday, Oct. 6. It subsequently reached $1.21 over the weekend with substantial trading volume. At the time of writing, it has stabilized at $1.14, per CoinGecko.