Avalanche-based social media dApp, Stars Arena has announced plans to soon re-open its contract following an exploit on October 7 that drained about $2.9 million of users’ assets.
This represents the second time this week that Stars Arena’s vulnerabilities have been exploited after a hacker made away with $2,000 on October 5.
Stars Arena Secures Funds For Relaunch, Contracts White Hat Team In an announcement on October 7, Stars Arena shared with its user community that it had obtained the necessary resources to account for the assets lost to the recent exploit. This development came a few hours after confirmed reports of the hack.
Furthermore, the web3 social media platform will be employing a “special” white hat team to conduct a security audit of its platform and point out other underlying vulnerabilities.
Important news: we have secured the resources to close the gap caused by the exploit.
Additionally, a special white hat development team is coming in to rapidly review the security of the platform.
We will re-open the contract with all the funds in full after a full security…
— Stars Arena (@starsarenacom) October 7, 2023
For context, white hat refers to ethical hackers or security experts who work to identify vulnerabilities and improve security systems. Following the security report from this “special” white hat team, Stars Arena has assured its users it will re-enable its smart contract. The development team behind the crypto project states this relaunch will “happen very soon.”
The Stars Arena’s exploit has drawn much attention as the Web3 project was recently launched in late September. Specifically, the Avalanche-based dApps have experienced much hype and interest due to similarities with Base-native social media platform, Friend.tech.
Popular blockchain security firm Peckshield has shed more light on the incident, describing it as a reentrancy issue. Meanwhile, SlowMist, another web3 security firm, has provided more insight into the hacker’s movement.
SlowMist notes that, of the stolen 266,103 AVAX, worth $2.9 million, the hacker has now moved 50 AVAX to an address on the FixedFloat crypto exchange, a platform known to enable the seamless swapping/conversion of cryptocurrencies.
Meanwhile, data from DefiLlama shows that the Total Value Locked (TVL) of Stars Arena has been completely wiped out and valued at only $0.051 following this attack.
Crypto Hacks Remain A Concern For all the many benefits and intriguing features of the Web3 world, hacks and attacks remain a major concern, as highlighted by the recent Stars Arena exploit.
According to the latest quarterly report by blockchain security firm Immunefi, $685.51 million worth of assets was lost to bad actors in Q3 2023. Crypto hacks accounted for over 96% of this figure, with losses of over $662.85 million from 76 incidents.
Most notably, the cross-chain protocol Mixin Network suffered the largest hack of the quarter, losing about $200 million due to an attack on a third-party network cloud provider.
AVAX trading at $10.20 on the hourly chart following a sharp decline on October 7 | Source: AVAXUSDT chart on Tradingview.com Featured image from BBC, chart from Tradingview