- Avalanche’s Stars Arena has had its smart contract exploited, users asked not to deposit any funds
- PeckShield blockchain security firm records a loss of approximately $2.9 million in the attack.
- It operates side-by-side with Friend.tech, running as a social protocol on AVAX blockchain.
- It is the second attack in less than three days.
Stars Arena is the latest victim to the works of hackers, with reports that its smart contract was compromised. It is a social protocol on the Avalanche blockchain, operating side-by-side against the likes of Friend.tech.
Stars Arena compromised twice in under three days
Stars Arena has asked users not to deposit any funds after the protocol suffered a major security breach on its smart contract.
There has been a major security breach with the smart contract.— Stars Arena (@starsarenacom) October 7, 2023
We're actively checking the issue.
DO NOT deposit any funds.
Stay tuned for updates.
Blockchain security firm PeckShield has explained the attack, noting that “Our initial analysis on today's Stars Arena $2.9M hack indicates a reentrancy issue on the Stars Arena: Shares contract on this address. Reportedly, the bad actors leveraged the reentrancy to update the weight when the share per ticket was issued so that a single share could be sold at a much higher price.
Our initial analysis on today's @starsarenacom $2.9M hack indicates a reentrancy issue on the Stars Arena: Shares contract at https://t.co/Hg6C8MCPan— PeckShield Inc. (@peckshield) October 7, 2023
The reentrancy is abused to update the weight when the share/ticket is issued so that 1 share can be sold at a much higher price… https://t.co/17CxO3uLbe pic.twitter.com/fouVjevYTs
The attackers leveraged a previous bug, reported here, which saw the social protocol lose up to $1 million. The same user who exploited the 'Sell Shares' bug has strike again, now taking advantage of a new vulnerability in the Stars Arena contract to send 266,103 AVAX to the aforementioned address.
In an interesting update, PeckShield has associated the address related to the Stars Arena attack with another one linked to a phishing address that was originally funded from HTX Global (formerly Huobi Global)
#PeckShieldAlert @starsarenacom hacker-labeled address 0xa2Eb...ad7A is associated with the phishing address 0x85Ee...632a, originally funded from #HTX— PeckShieldAlert (@PeckShieldAlert) October 7, 2023
Phishing site: https://lido[.]blue/ pic.twitter.com/a5lwyXnh6I
At the time of writing, Avalanche (AVAX) price is $10.77, recording a 2% rise in the last 24 hours.
Cryptocurrency metrics FAQs
What is circulating supply?
The developer or creator of each cryptocurrency decides on the total number of tokens that can be minted or issued. Only a certain number of these assets can be minted by mining, staking or other mechanisms. This is defined by the algorithm of the underlying blockchain technology. Since its inception, a total of 19,445,656 BTCs have been mined, which is the circulating supply of Bitcoin. On the other hand, circulating supply can also be decreased via actions such as burning tokens, or mistakenly sending assets to addresses of other incompatible blockchains.
What is market capitalization?
Market capitalization is the result of multiplying the circulating supply of a certain asset by the asset’s current market value. For Bitcoin, the market capitalization at the beginning of August 2023 is above $570 billion, which is the result of the more than 19 million BTC in circulation multiplied by the Bitcoin price around $29,600.
What is trading volume?
Trading volume refers to the total number of tokens for a specific asset that has been transacted or exchanged between buyers and sellers within set trading hours, for example, 24 hours. It is used to gauge market sentiment, this metric combines all volumes on centralized exchanges and decentralized exchanges. Increasing trading volume often denotes the demand for a certain asset as more people are buying and selling the cryptocurrency.
What is funding rate?
Funding rates are a concept designed to encourage traders to take positions and ensure perpetual contract prices match spot markets. It defines a mechanism by exchanges to ensure that future prices and index prices periodic payments regularly converge. When the funding rate is positive, the price of the perpetual contract is higher than the mark price. This means traders who are bullish and have opened long positions pay traders who are in short positions. On the other hand, a negative funding rate means perpetual prices are below the mark price, and hence traders with short positions pay traders who have opened long positions.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers. The author will not be held responsible for information that is found at the end of links posted on this page.
If not otherwise explicitly mentioned in the body of the article, at the time of writing, the author has no position in any stock mentioned in this article and no business relationship with any company mentioned. The author has not received compensation for writing this article, other than from FXStreet.
FXStreet and the author do not provide personalized recommendations. The author makes no representations as to the accuracy, completeness, or suitability of this information. FXStreet and the author will not be liable for any errors, omissions or any losses, injuries or damages arising from this information and its display or use. Errors and omissions excepted.
The author and FXStreet are not registered investment advisors and nothing in this article is intended to be investment advice.