Stars Arena, a decentralized social media platform on Avalanche, announced that it had recovered nearly all of the funds that were stolen from its smart contract in a recent exploit. The platform offered a 10% bounty, worth over $250,000, to the exploiter in exchange for returning the funds.
The exploit occurred on October 7, when a hacker exploited a reentrancy vulnerability in the Stars Arena contract and drained about $2.5 million worth of AVAX tokens. The hacker then transferred the funds to a crypto exchange called Fixed Float.
Stars Arena contacted Fixed Float and requested them to freeze the hacker’s account and return the funds. However, Fixed Float refused to cooperate and demanded a 10% fee for their service. Stars Arena then decided to offer the same fee to the hacker directly, hoping to persuade them to return the funds voluntarily.
The hacker agreed to the deal and sent back 90% of the stolen funds to Stars Arena. The platform confirmed the recovery on Twitter and thanked the hacker for their cooperation. Stars Arena also stated that it would relaunch the platform soon after completing a security audit by Paladin.
Stars Arena is a platform that allows creators to monetize their content by selling tickets to their exclusive chat rooms. The platform has seen rapid growth in user activity and revenue but has also faced several security challenges. The platform was also hit by a DDoS attack and another minor exploit in the same week.
The exploits and recovery of Stars Arena highlight the risks and opportunities of decentralized platforms on blockchain. While they offer innovative ways for users to interact and earn value, they also require robust security measures and community support to prevent and recover from attacks.