Just a day after Stars Arena being exposed to a non-critical bug, it has suffered a major security breach which drained the whole TVL from the contract.
The Avalanche based protocol has shared on its official Twitter (X) account that its smart contract is attacked. It has also said to users to avoid depositing funds.
According to data by DeFiLlama, Stars Arena had a TVL (total value locked) of nearly $2.8 million on October 7 which all has been drained in the attack.
Blockchain security firm PeckShield identified the attack and explained that hackers have abused reentrancy in Stars Arena smart contract. By doing so, hackers have updated weight when the profile share is issued which enables selling a share at a much higher price of 274k AVAX.
Stars Arena was launched a couple of weeks ago and it recorded immense growth by surpassing $1 million TVL within days.
