Stars Arena, a social platform supported by Avalanche’s Contract Chain, has experienced a significant security breach. The official Stars Arena Twitter account confirmed the attack on the platform’s smart contract through a tweet issued on Saturday. Users were advised not to deposit any funds while the issue was being investigated.
The crypto expert Redline, who first discovered the breach, revealed that hackers had successfully transferred 266,103 AVAX (approximately $2.85 million) using the FixedFloat exchange service. This news caused the price of AVAX to drop from $11.56 to $10.78, leading users to advise removing Stars Arena from their Twitter accounts. Hours later, Stars Arena issued an apology for the smart contract exploit and revealed that they were also enduring a distributed denial-of-service (DDoS) attack. They assured users that efforts were being made to recover the funds and restore platform functionality.
Specialized White Hat Team to Review the Project
To address the situation, the Stars Arena team conducted a live Twitter Spaces session on Saturday, explaining the breach. They announced that a specialized white hat development team would conduct a thorough security review of the platform. Once the audit is complete, they plan to reopen the contract with all funds fully secured.
Stars Arena was launched last month, gaining traction alongside the popularity of Friend.tech. It offers influencers, content creators, and public figures the ability to monetize their fan base through exclusive access to content and offers. Users can link their Twitter accounts and trade profile tokens using Avalanche’s AVAX cryptocurrency. This breach occurred during a surge in transactions on Stars Arena, with trading volume increasing by 248% in the 24-hour period before the attack. Earlier in the week, the platform experienced an exploit where hackers stole $2,000. Similarly, hackers recently stole approximately $385,000 in digital assets within 24 hours by performing SIM-swapping attacks on friend.tech users. In total, around $332 million has been lost to various exploits, hacks, and scams in September, making it a record-high month for cryptocurrency exploits.