The team behind Stars Arena, a new protocol inspired by friend.tech, has dismissed what it calls “coordinated FUD” after patching a vulnerability that allowed attackers to get away with $2,000 on the Avalanche-based decentralized social media platform.
on October 5 postal The Stars Arena account said on X (Twitter) that the bug had been fixed, adding “Make no mistake, we are at war.”
The vulnerability has been fixed.
But make no mistake, we are at war.
We are being targeted by malicious actors in this space who want to steal your money.
The little guy is under attack.
You are under attack.
Your platform diversity rights are under attack.
not understand… pic.twitter.com/DmbMdf9cAq
— Star Arena (@starsarenacom) October 5, 2023
Pseudonym (AVAX) token.
So what is the current consumption situation of the contract?
Their getPrice() function is broken
You can sell 0 shares and receive AVAX. Yes. You can do this now and it will work.
But where do these extra AVAX come from?
Read next ⬇️ pic.twitter.com/0RM7NHxLeq
— lilitch.eth (@0xlilitch) October 5, 2023
However, this attack method is reportedly not financially feasible for attackers. The vulnerability itself caused Avalanche’s gas charges to rise significantly, making revenue from the hack much more expensive than expected.
As a result, attackers may end up spending more on gas than they earn from the vulnerability.
Ava Labs CEO Emin Gün Sirer emphasized in the X post that for every $0.04 a hacker earns from a vulnerability, the average cost is $0.25.
There has been so much FUD about the Stars Arena vulnerability, which (1) has been fixed, (2) cost the attacker $0.25 to earn $0.04, and (3) the attacker only withdrew $2,000 in total. Now that that’s over, let’s get on with the fun in the arena.
— Emin Gün Sirer (@el33th4xor) October 5, 2023
Although the attack was relatively unsuccessful, members of the cryptocurrency community were quick to slam the Stars Arena team.
related: Friend.tech SIM swap scourge continues, scammers make $385,000 in Ethereum
Delegate’s anonymous founder and developer “foobar” lashed out at the platform, claiming it screwed up its friend.tech fork, telling Stars Arena to “delete your account and products, clownshow.”
You took a fully functional base contract and somehow added a new attack vector in an unverified fork. Delete your account and products, clownshow
— foobar (@0xfoobar) October 5, 2023
Stars Arena is the latest app to join a growing number of social finance platforms such as Alpha on Bitcoin Network, Friendzy on Solana and PostTech on Arbitrum.
Despite the surge in the number of DeSo-like apps, friend.tech maintains its market leadership with over $293 million in monthly transaction volume, surpassing the second-place app PostTech by over $283 million.
Magazine: Blockchain Detective – Mt. Gox Collapse Witnessed the Birth of Chainaanalysis
Svlook
