Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Stars Arena addresses ‘coordinated misinformation’ following resolution of ‘beginner’ security flaw.
The team behind the newly launched Friend.tech-inspired protocol Stars Arena has rejected what it termed “coordinated FUD” following the resolution of an exploit that allowed attackers to make off with $2,000 from the Avalanche-based decentralized social media platform.
In a post on X (Twitter) dated Oct. 5, the Stars Arena account announced that the exploit had been addressed, stating, “Don’t get this wrong, we are at war.”
THE EXPLOIT HAS BEEN FIXED.
BUT DON’T GET THIS WRONG WE ARE AT WAR.
We’re being targeted by malicious actors in the space that want to steal your money.
The little guy is under attack.
You are under attack.
Your right to platform diversity is under attack.
Don’t get it… pic.twitter.com/DmbMdf9cAq— Stars Arena (@starsarenacom) October 5, 2023
Pseudonymous X user “0xlilitch” criticized Stars Arena, asserting that its “noob devs” failed to patch a flaw in the platform’s price function, which enabled attackers to sell zero user “tickets” in exchange for technically free Avalanche AVAX (AVAX) tokens.
So how is the contract getting drained right now?
THEIR getPrice() FUNCTION IS BROKEN
You can sell 0 shares and get AVAX. Yep. You can do this right now and it will work.
But where do this extra AVAX come from?
read next ⬇️ pic.twitter.com/0RM7NHxLeq— lilitch.eth (@0xlilitch) October 5, 2023
However, the attack vector reportedly proved to be economically impractical for the attackers. The exploit led to a significant increase in gas fees on Avalanche, making it more costly to extract the gains from the hack than initially expected.
Consequently, the attackers allegedly ended up incurring higher gas fees than the amount they gained from the exploit.
Related Posts
Ava Labs CEO Emin Gün Sirer pointed out in an X post that for every $0.04 earned from the exploit, the hackers spent an average of $0.25.
So much FUD about a Stars Arena exploit that has (1) already been fixed, (2) cost the attacker $0.25 to make $0.04, and (3) the attacker extracted a sum total of only $2,000. Now that it’s over, let’s get back to having fun in the arena.
— Emin Gün Sirer (@el33th4xor) October 5, 2023
Despite the relatively ineffective exploit, members of the crypto community were quick to criticize the Stars Arena team.
Related: Friend.tech SIM-swap scourge continues as scammer nets $385K in Ether
The pseudonymous founder and developer of Delegate, known as “Foobar,” condemned the platform, asserting it mishandled its Friend.tech fork, and urged Stars Arena to “delete your account and product, clownshow.”
you took a fully functional base contract and somehow added new attack vectors in your unverified fork. delete your account and product, clownshow
— foobar (@0xfoobar) October 5, 2023
Stars Arena is the latest application to join an expanding list of social finance platforms, including Alpha on the Bitcoin network, Friendzy on Solana, and PostTech on Arbitrum.
Despite the rise of similar DeSo applications, Friend.tech continues to lead the market with over $293 million in monthly trading volume, surpassing the next closest app, PostTech, by more than $283 million.
Magazine: Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis
