Stars Arena faced an exploit worth $2,000. Now, reports are surfacing claiming that almost $1 million could be at risk. It was basically a smart contract vulnerability that enabled hackers to sell zero shares in return for AVAX. Meaning, they were draining funds from the network with no contribution whatsoever.
The vulnerability has been fixed, but the team has sparked caution, saying that malicious actors could still be out there to steal money. We are at war, said the Protocol, after clarifying that the exploit has been fixed, but members cannot be mistaken about anything.
Malicious actors target the protocol only to steal the money their users hold in their wallets. The platform thrives on the diversity of the customer base; however, it has signaled to exercise caution at all levels. The team has shed light on what happened. It said malicious actors spent $5 to drain $1 from the TVL. They were effectively throwing money at the users.
Stars Arena has not specified who is behind the attack or who could be behind it. The exploit is being talked about because the mechanism is based on buying and selling shares for AVAX. The hacker was able to take advantage of the smart contract vulnerability and bypass the process of selling shares.
Sources close to the team, Stars Arena, have said that the situation is under control because the exploitation is not economically viable. It has caused an increase in gas fees, making the hackers spend more on it than what they have stolen.
Emin Gun Sirer, the founder of Avalanche, has said that it costs $0.25 to make $0.04 for the hacker, adding that they could only extract $2,000. Emin then said it was time to return to the arena and have some fun.
Community members are split. Some have appreciated the efforts of Team Stars Arena to fix the vulnerability. Others have said that the damage could have been worse if it were not for the gas fees that were kicked in before the incident.
Services are now back to normal after being unavailable for a while. Members continue to explore the sphere while reporting several issues after the resumption of the service. It is not because of the attack, but it may be because the patch fixed has caused some internal changes that the team has not addressed.
More pieces of information about the incident have not been made public yet. Developers or representatives from Stars Arena have not commented despite media channels’ requests.
Meanwhile, AVAX has jumped by 4.35% in the last 24 hours to touch the trading value of $10.45. The volume has slipped by 10.79%, but the market cap is dancing at a higher value of 4.39%, both reflecting changes in the last 24 hours.
Source: https://www.cryptonewsz.com/stars-arena-patches-a-smart-contract-vulnerability/