On October 5, Web3's social media platform Stars Arena experienced a vulnerability that allowed an attacker to move $2,000 worth of AVAX from their platform.
At that time, Stars Arena claimed to be facing a war with what they called "bad actors" who were trying to take user assets. The project firmly states its readiness to maintain platform security and appreciates its security strengths.
However, less than two days later, the decentralized social media project was again the victim of a cybersecurity breach. On October 7, the Stars Arena team announced that its smart contracts suffered a serious breach that allowed an attacker to drain an undisclosed amount of user funds from their platform.
The project also later revealed that its site was hit by a distributed denial of service (DDoS) attack, and stated that, "Our smart contracts were exploited and funds were drained. The site is under a DDOS attack. We are working on a solution to restore everyone's funds and keep Arena moving forward ."
In its announcement on October 7, Stars Arena informed its user community that it had successfully obtained the resources necessary to replace assets lost due to recent exploits. The move came hours after the hacking report was confirmed.
It's worth noting that this event was the second $3 million attack to occur in less than one week, and just one week after the project launched.
Additionally, in an effort to improve the security of its platform, Stars Arena added that it will employ a dedicated white hat team that will conduct security audits and identify other underlying vulnerabilities.
Stars Arena is a fork of Friend.tech, a well-known social media protocol that allows users to exchange social tokens linked to X (twitter) accounts. Similar to Friend.tech, Stars Arena quickly gained popularity within days of its launch in late September and saw its value increase to millions of dollars.