Avalanche Friend.Tech Clone Under Attack, Over $3M Drained

Hackers manage to exploit yet another smart contract bug in Stars Arena to pocket millions of dollars.

Hacker sitting infront of a digital globe, making transactions.
Created by Gabor Kovacs from DailyCoin
  • Avalanche’s viral SocialFi platform is under attack again. 
  • Hackers exploited a smart contract bug to drain the protocol of all its funds.
  • Although Stars Arena has recovered the stolen funds, users remain wary and hesitant.

Avalanche’s viral social app, Stars Arena, found itself in a financial freefall as attackers capitalized on a smart contract bug, leaving the platform nearly penniless. The attack marks the second onslaught in three days, with stolen funds soaring past $3 million.

Stars Arena’s Alarming Attack

Stars Arena, Avalanche’s Friend.Tech clone has faced yet another attack from exploiters. On October 7, hackers orchestrated a daring raid, siphoning off a staggering $3 million worth of AVAX tokens, leaving Stars Arena with under $1 in its coffers. Following reports from numerous users, Stars Arena swiftly acknowledged the breach and issued an urgent warning, advising against any further deposits.

Blockchain security firm Peckshield shared that hackers exploited a reentrancy function in Stars Arena’s smart contract, which allowed them to manipulate the ticket/share price and sell it at 274,000 AVAX or around $2.9 million. 


This is the second attack of its kind. Just two days ago, on Thursday, hackers successfully leveraged another vulnerability in the SocialFi app, pocketing $1 million by redeeming zero shares for AVAX payouts.

At press time, Stars Arena shared that it had successfully secured its resources from the hackers, closing the gap caused by the exploit. However, the implicated smart contract remains locked and will re-open once it goes through necessary audits. 

This tumultuous turn of events left Stars Arena’s devoted community less than pleased.

Stars Arena Community Uneasy

Stars Arena burst onto the scene just over a week ago, igniting a wildfire of excitement among Avalanche’s ardent community. In record time, it amassed a substantial following, with numerous members raking in substantial AVAX rewards through trading fees on the platform.


This frenzied launch was swiftly overshadowed by a string of relentless exploits, setting off alarms among users. The glaring absence of robust auditing practices left many uneasy, with many community members voicing suspicions of an insider job.

On the Flipside

  • The original Friend.Tech platform was also shaken by a flurry of SIM-Swap attacks, with users losing hundreds of thousands of dollars. 
  • As a result of the hype surrounding Stars Arena, Avalanche saw an inflow of over 500,000 transactions on the network and pumped to the $10 mark. 

Why This Matters

Decentralized social platforms are emerging as the latest trend in the crypto space; however, most of them have suffered at the hands of smart contract bugs and exploits, making users feel uneasy about joining the hype. 

Read what Charles Hoskinson said to his critics:
Cardano Founder Hoskinson Claps Back At Claims of Dishonesty

Read about Yuga Labs’ new direction: 
Yuga Labs Prepares For Layoff Round: “We Aren’t Optimized”

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Insha Zia

Insha Zia is a senior journalist at DailyCoin covering crypto developments, especially in the Cardano ecosystem. With a Bachelor of Science in Computer Systems Engineering, he delivers high-quality articles with his technical background and expertise in data analysis and programming languages, aiming to educate and inform readers accurately, transparently, and engagingly. Insha believes education can drive mass adoption of the crypto space, and he is committed to giving DailyCoin readers a better understanding of the technology.