Galactic Monster Quest Hacked <500+ QUICK>

These Voidborn monsters were then instantly liquidated on secondary marketplaces like OpenSea and Magic Eden, netting the perpetrators an estimated $14.2 million in cryptocurrency before anyone hit the panic button.

Indeed, a decentralized group of blockchain developers has already begun work on “Galactic Monster Redemption,” a fork of the original game’s smart contracts with additional security layers and a mandatory 30-day lock on all high-value trades to prevent rapid liquidation exploits. The Galactic Monster Quest hack is not an isolated incident. It joins a growing list of high-profile gaming exploits of 2025, including the Axie Infinity: Origins breach in March ($22 million lost) and the Illuvium Land Sale hack in July ($8 million). Galactic Monster Quest Hacked

Rumors have also swirled about an inside job. Former StellarForge lead developer Kieran “K1NG” O’Sullivan, who left the company under unclear circumstances three months prior, has been questioned by private security firms. O’Sullivan has denied any involvement, posting on X: “I loved GMQ. I would never destroy what I helped build. Find the real culprits.” These Voidborn monsters were then instantly liquidated on

In the end, that might be the most powerful exploit of all. If you were affected by the Galactic Monster Quest hack, resources are available: Visit the official StellarForge incident page at stellarforge.com/security, join the Project Phoenix support Discord, or report financial losses to your local authorities and the FBI’s IC3. It joins a growing list of high-profile gaming

What followed was one of the most sophisticated and damaging exploits in the history of blockchain-integrated gaming. This is the full story of how Galactic Monster Quest got hacked, what was stolen, and whether the game—or its community—can ever recover. Initial reports suggested a simple server breach. But as cybersecurity analysts and white-hat hackers began dissecting the code, a far more terrifying picture emerged.

According to Chainalysis data released three days after the attack, the hackers used a re-entrancy loophole in the game’s smart contract for “Cosmic Fusion”—a feature that allowed players to merge three common monsters into one rare hybrid. By repeatedly calling the fusion function before the contract could update the player’s balance, the attackers minted over 50,000 ultra-rare “Voidborn” monsters in under 45 minutes.

The breach was not a brute-force attack or a simple SQL injection. Instead, the perpetrators exploited a zero-day vulnerability in the game’s cross-chain bridge—the technology that allowed players to trade GMQ’s native “Nebula Tokens” and NFT-based monsters between Ethereum, Solana, and Polygon networks.