Avalanche-based social protocol Stars Arena is facing a security vulnerability that could lead to financial losses.
An analyst known on social media as lilitch.eth has discovered a vulnerability in Stars Arena’s smart contract. found.
Explicit in the contract, written incorrectly getPrice() due to its function. Thanks to this vulnerability, which has been confirmed by other sources, hackers can call the contract and they can transfer funds to their own wallet.
Locked in the contract due to this security vulnerability $1 million Funds worth too much are at risk.
However, for hackers to drain these funds to the contract more than once They need to make a request. Transaction fees currently on the network high because such a Organizing attacks is lucrative for hackers it doesn’t stop.
The total value of locked assets in Stars Arena, which started to be used in September, is only $1 million in two weeks exceeded the level. The popularity of Stars Arena in a short time, Increase in transactions on the Avalanche network led.