Cryptocurrency projects continue to be targeted by hackers, and the latest casualty is Stars Arena, an Avalanche-based social app. Preliminary estimates indicate that the attackers made off with approximately $2.9 million worth of AVAX tokens from the platform. While the team has issued an apology and expressed intentions to reimburse users, the incident sheds light on the persistent security challenges faced by blockchain projects.
Rapid Rise and Sudden Fall
Stars Arena, a social app built on the Avalanche platform, made a notable entry into the crypto space just a week ago. With striking similarities to the Ethereum-based Friend.Tech project, Stars Arena quickly gained attention, amassing a following of over 25,000 within a short span.
However, during the early hours of Saturday, the Stars Arena team delivered a distressing announcement on Twitter, revealing a security breach in the smart contract:
“There has been a major security breach with the smart contract. We’re actively checking the issue. DO NOT deposit any funds. Stay tuned for updates.”
The Heist: Approximate Loss of $2.9 Million in AVAX Tokens
Although specific details regarding the stolen amount were not provided by the Stars Arena team, blockchain security resource PeckShield estimated the heist to be close to $3 million in AVAX tokens. According to DeFiLlama data, the perpetrators managed to drain nearly all of the project’s total value locked, leaving a mere $0.5 behind.
Warnings Ignored: Vulnerabilities in Smart Contract
The attack comes in the wake of warnings from several Stars Arena users on potential security vulnerabilities in the project’s smart contract. Intriguingly, Avalanche’s founder, Emin Gün Sirer, downplayed these warnings. This incident serves as a stark reminder of the critical importance of robust security measures within the cryptocurrency ecosystem.
The Road to Recovery
Following the breach, the Stars Arena team issued an update, expressing deep regret for the incident. They confirmed that their smart contract had been exploited, resulting in the depletion of funds. The platform is also currently grappling with a DDoS attack. The team assured users that they are actively working to devise a solution to recover the lost funds.
“We are deeply sorry for what happened. Our smart contract was exploited and the funds were drained. The site is currently under DDOS attack. We are working on a solution to get everyone’s…”
The incident underscores the ongoing challenges and risks faced by cryptocurrency projects, underscoring the need for robust security measures and constant vigilance in the rapidly evolving crypto landscape.
Get the latest Crypto & Blockchain News in your inbox.