Stars Arena, a social platform supported by Avalanche’s Contract Chain, has fallen victim to a significant security breach. In a Saturday tweet, the official Stars Arena Twitter account issued a warning confirming that the platform’s smart contract had been attacked. The team urged users not to deposit any funds while the issue was being investigated.
Crypto expert Redline, who first detected the security breach, revealed that hackers had successfully transferred 266,103 AVAX (approximately $2.85 million) using the FixedFloat exchange service. Following the news, the price of AVAX experienced a dip from $11.56 to $10.78, prompting users to advise one another to remove Stars Arena from their Twitter accounts.
The Response and Recovery Efforts
Hours later, Stars Arena issued an apology for the smart contract exploit and acknowledged that they were still enduring a distributed denial-of-service (DDoS) attack. They assured users that efforts were underway to recover everyone’s funds and restore the functionality of the platform.
In an attempt to address the situation, the Stars Arena team hosted a live Twitter Spaces session on Saturday with the goal of providing a comprehensive explanation of the breach. They announced that a specialized white hat development team would conduct a thorough security review of the platform. Once the audit is completed, they plan to reopen the contract with all funds fully secured.
Stars Arena’s Growth and Features
Launched just last month amid the surging popularity of Friend.tech, a social token-driven platform for creating and monetizing online communities, Stars Arena has been steadily gaining traction. The project offers influencers, content creators, and public figures the ability to monetize their fan base by granting exclusive access to content and offers. Users can link their Twitter accounts and trade profile tokens using Avalanche’s AVAX cryptocurrency.
This breach occurred amidst a surge in transactions on Stars Arena, with trading volume increasing by 248% in the 24-hour period just prior to the attack. Earlier in the week, the platform had experienced an exploit that allowed hackers to steal $2,000. Likewise, a hacker recently stole approximately $385,000 worth of digital assets in 24 hours by performing SIM-swapping attacks on friend.tech users.
As reported, blockchain sleuth ZachXBT revealed the scammer had pilfered 234 ETH in 24 hours by SIM-swapping four different friend.tech users. In total, approximately $332 million has been lost to various exploits, hacks, and scams throughout September, marking a record-high month for crypto exploits.