StarsArena Web3 App Reports Security Breach: Dispute Arises Over Financial Losses
Summary:
On October 5, StarsArena, a Web3 app on the Avalanche network, reportedly lost funds due to a malicious attack. A user named Lilitch.eth exposed the exploit publicly and claimed that over $1 million was lost in the attack. The StarsArena team confirmed the attack but stated losses were approximately $2,000 and that the exploit has been patched. Some users accused Lilitch of spreading fear, uncertainty, and doubt, or 'fudding'. Despite the controversy, app usage and transaction count have surged since StarsArena's launch.
On October 5, as reported via social media, StarsArena, a Web3 application operating on the Avalanche platform, suffered financial losses due to a malignant assault. A user by the alias of Lilitch.eth exposed the flaw in the system and shared the information on X, previously recognized as Twitter. According to Lilitch.eth, the assault resulted in a loss of over $1 million. The StarsArena staff acknowledged the violation terming it a 'warfare' against the app, and specified a far lesser figure of approximately $2,000 in damages. They also guaranteed the unveiled flaw was rectified, advising their users not to be misled and to realize the attack they faced.
StarsArena operates as a Web3 social media application on the Avalanche platform, akin to Friend.tech. The app grants users the ability to purchase 'shares' or tokenized assets that content creators release. These creators can subsequently permit token proprietor access to exceptional content or other advantages. Avalanche's traffic significantly spiked following the inauguration of StarsArena, as there was a surge of over 186% in the daily transaction count from October 3-4.
During the early hours of October 5, Lilitch.eth posted on X that StarsArena's funds were actively being siphoned. Lilitch.eth censured the developers and urged those who had any shares in the StarsArena to liquidate them while they had the opportunity. They also displayed a screenshot of a contract at address 0xA481B139a1A654cA19d2074F174f17D7534e8CeC, containing approximately 107,329 Avalanche (AVAX) tokens, worth over $1 million at the time.
This revelation brought about accusations against Lilitch.eth, categorizing their revelations as “fudding” (creating fear, uncertainty, and doubt). For instance, ZSwapDEX's engineer, Mork, defended the situation assuring that the exploit would not yield any profits due to the high fuel charges on the transactions and the proxy contracts' ability to be updated.
In response to the criticisms, the StarsArena team posted on X that the problem was under control. They clarified that the attackers were depleting resources, using $5 in gas to extract $1 from the app, in an attempt to tarnish its reputation. During a Twitter Spaces event, they expounded on the situation to their users, revealing that approximately $2,000 was lost during the attack.
Contrary to the information from the StarsArena team, Lilitch.eth denied that the attackers spent excessive amounts on gas to drain the platform. They said the attackers ceased their operations when the gas prices rendered the attack unprofitable. They further refuted declaring 'war' on the app and expressed support for it now that the issue had been addressed.
SIM-swap attacks have plagued users of Friend.tech, prompting a sense of anxiety. To combat this, on October 5, the Friend.tech team introduced a feature to revoke login methods.
Published At
10/5/2023 5:50:11 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.