Stars Arena reclaims 90% of stolen assets after issuing $257K bounty
Decentralized social media app Stars Arena has recovered nearly all crypto stolen in an Oct. 7 exploit, aside from a 10% bounty given to the attacker.
On Oct. 11, Stars Arena announced via X that about 90% of the exploited 266,000 Avalanche (AVAX), then valued at roughly $3 million, was returned following an agreement that included awarding the exploiter a bounty of 27,610 AVAX, worth close to $257,000.
The bounty further included compensation for an additional 1,000 AVAX, valued at over $9,000, which the exploiter seemingly lost during a bridge transaction.
Following the recovery, Stars Arena revealed that it is finalizing an audit for a newly written smart contract. Once the audit is complete, the platform aims to place the returned funds in this new contract.
The announcement comes after the platform first alerted its community to what it termed a “major security breach” on Oct. 7, which resulted in funds being drained from its smart contract.
To address the security lapse, Stars Arena secured additional funding and contracted a development team to conduct a full security audit. However, details surrounding the nature of the exploit have not yet been disclosed.
Before the exploit, Stars Arena held the top spot as Avalanche’s most popular decentralized app (dapp), greatly boosting the network’s activity.
Following the exploit, the price of Avalanche (AVAX) experienced a 13.53% drop and is currently trading at $9.01. This depreciation has had a knock-on effect on the value of the recovered funds for both Stars Arena and its user base.
The 90% of funds that were recovered, amounting to 239,493 AVAX, are now valued at approximately $2.22 million, a decrease from their initial worth of $2.55 million.
A few days prior, on Oct. 5, Stars Arena was targeted in a smaller exploit where hackers reportedly absconded with about $2,000.
According to a post by a pseudonymous user named “0xlilitch,” the exploit was due to a vulnerability in a price function within the platform’s smart contract.
Stars Arena has since claimed to have patched this vulnerability.
In related news, Friend.tech, a leading competitor to Stars Arena, has also been the target of SIM-swap attacks. The platform recently implemented additional security features to mitigate such attempts.