Decrypt’s Art, Fashion, and Entertainment Hub.
Stars Arena, a social platform backed by Avalanche’s Contract Chain, has been hit with what the project calls a “major security breach.”
Launched last month following the sudden popularity of Friend.tech, a social token-driven platform allowing users to create and monetize online communities, Stars Arena has been steadily increasing in popularity.
Enabling influencers, online content creators, and public figures to monetize their fan base by allowing access to exclusive content and offers, Stars Arena allows users to link their Twitter accounts and trade profile tokens using Avalanche’s AVAX.
Late Friday night, the official Stars Arena Twitter account posted a warning that confirmed the platform’s smart contract had been attacked.
“We're actively checking the issue. DO NOT deposit any funds,” the message continued.
According to Redline, a self-described crypto expert who first noticed the security breach, hackers transferred 266,103 AVAX (worth about $2.85 million) using the FixedFloat exchange service. Following the news, the price of AVAX dropped from $11.56 to $10.78, and users were encouraging each other to remove Stars Arena from their Twitter accounts.
Hours later, Stars Arena apologized for the smart contract exploit and confirmed they were still under a DDOS attack. “We are working on a solution to get everyone’s funds recovered and have the Arena move forward,” they added.
The Stars Arena team hosted a live Twitter Spaces on Saturday to further explain what happened.
"A special white hat development team is coming in to rapidly review the security of the platform," they announced. "We will re-open the contract with all the funds in full after a full security audit. This will happen very soon."
The breach comes after a surge in transactions on Stars Arena, with volume increasing 248% in the 24-hour window prior to the attack. Earlier this week, an exploit allowed hackers to take $2,000 from Stars Arena. The exploit was soon fixed but Stars Arena announced they were “at war” with “malicious actors in the space who want to steal your money.”
Earlier this week, Friend.tech was also hit by hackers. The accounts of four users of the Ethereum layer-2 network Base-backed platform were drained, with those responsible making off with $385,000 in Ethereum.