Bitcoin
$57,552.93-3.44%
Ethereum
$2,911.41-1.61%
Binance Coin
$548.56-2.64%
Solana
$129.81+5.42%
XRP
$0.50877097+1.86%
Dogecoin
$0.12634459-1.84%
Toncoin
$4.74-2.03%
Cardano
$0.44347798+1.28%
Shiba Inu
$0.00002184+0.62%
Avalanche
$32.55+1.72%
Tron
$0.12256618+1.84%
Polkadot
$6.86+6.27%
PlayIconNav
Crypto Prices CoinDesk 20 Index CoinDesk 20 Index
Countdown to Consensus 2024The largest and longest running event that covers all sides of Crypto and Web 3
27
DAYS
04
HR
59
MIN
27
SEC
Markets

Stars Arena Recovered 90% of the Funds Lost to Hack After Bounty Paid

The social app on Avalanche was drained for $3 Million last week.

By Sam Reynolds
AccessTimeIconOct 11, 2023 at 4:53 p.m. UTC
Updated Oct 11, 2023 at 8:26 p.m. UTC
A hacker (Azamat E/Unsplash)
A hacker (Azamat E/Unsplash)
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Stars Arena said in a message posted on X that 90% of the funds lost in the hack of the platform had been recovered.

The platform said it had "reached an agreement with the individual responsible for the recent security breach" and paid a 10% bounty fee plus 1000 AVAX ($9,333).

Earlier, an on-chain message signed by the smart contract address that attacked the Avalanche-based social app Stars Arena suggested that the entity behind the exploit wants to cooperate.

(Snow Trace block explorer)
(Snow Trace block explorer)

Last week, the up-and-coming social platform Stars Arena was hacked, resulting in a loss of $3 million in AVAX tokens, despite prior warnings from users about potential security vulnerabilities.

Before the hack, Stars Arena was a darling of the Avalanche protocol, pushing up the AVAX token. Market data shows that the token is down 3% in the last week.

Signing transactions is a way pseudonymous hackers make their mark after an attack.

After Poly Network was hacked in 2021, the attacker teased the community via signed messages and threatened to delay the return of funds. Meanwhile, virtual beggars used the same tactic to panhandle for donations from the attacker.

In March, the individual responsible for Euler Finance's $200 million exploit returned over $120 million to the protocol and issued an apology via signed messages on different blockchain transactions, identifying as “Jacob.”

In 2020, Bitcoin addresses that Craig Wright claims to own were used to sign a public message labeling him a “fraud" and refuting his ownership of them.

UPDATE (October 11, 2023, 21:17): Updates headline and first paragraph to reflect fund recovery.

Edited by Aoyon Ashraf.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.