Stars Arena Incident Causing Community Disturbance Confirmed Not A Hack
- The Avalanche-based Stars Arena project, mirroring friend.tech, confronts a second security breach, sparking user concerns.
- Hackers exclusively withdrew AVAX assets from user wallets in the Stars Arena incident, a departure from the previous reentrancy attack.
The friend.tech clone project on Avalanche Stars Arena is once again facing security concerns following a recent incident that has caused damage to many users’ assets. The project has responded by announcing a key migration to enhance security measures.
Stars Arena’s Ongoing Security Struggle
According to the project, a thorough investigation by its engineering team has found no evidence linking the recent claims of funds draining to an exploit affecting the wider platform. Instead, the project believes that the affected Stars Arena incident is isolated and has identified the potential parties involved, who will be contacted directly.
The project’s response comes amidst growing concerns among users who have reported missing funds. On November 17, 2023, an account named “GiganticTip” shared on-chain data retrieval findings indicating that many users had their assets drained, with AVAX tokens being transferred through the FixedFloat mixer to obscure the hacker’s identity.
Unique Tactics in Recent Stars Arena Incident
Notably, this time, the hacker only targeted AVAX tokens and did not sell tickets, a departure from the first hack in early October 2023. In that incident, the hacker exploited a reentrancy vulnerability to sell tickets at inflated prices, causing Stars Arena‘s TVL to plummet. The attacker later returned the funds, keeping 10% as a bug bounty.
Despite the project’s assurances and plans to continue development, the Stars Arena incident has further eroded users’ trust. The incident raises questions about the project’s security measures and the potential for further vulnerabilities. The upcoming key migration will be closely watched as the project seeks to regain user confidence and address ongoing security concerns.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.