![nine axie infinity nine axie infinity](https://miro.medium.com/max/1400/0*8AveoTK3sWEoDXlG.png)
In addition, Sky Mavis said it has "temporarily paused" the Ronin bridge to ensure no other attack vectors are open as the developer investigates the sidechain hack.Īxie Infinity, Sky Mavis' tentpole game, is part of an emerging category of NFT video games. Sky Mavis is also "working with law enforcement officials, forensic cryptographers, and our investors to make sure all funds are recovered or reimbursed." The company disclosed the Ethereum wallet address of the threat actor, which held approximately $595 million at press time. The developer said that going forward, it has prevented future attacks in part by raising the validator threshold from five nodes to eight. Sky Mavis did not respond to SearchSecurity's request for comment. It's unclear how attackers obtained the private keys, or if the backdoor in question was placed by threat actors or created by design for the company. Sky Mavis said that "the signature in the malicious withdrawals match up with the five suspected validators." This was discontinued in December 2021, but the allowlist access was not revoked." "The Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf.
#NINE AXIE INFINITY FREE#
"This traces back to November 2021 when Sky Mavis requested help from the Axie DAO to distribute free transactions due to an immense user load," the post read. This, as the post explained, was not supposed to be possible.
![nine axie infinity nine axie infinity](https://i.ytimg.com/vi/A4Jc-sJEqaw/maxresdefault.jpg)
The Axie Infinity sidechain hack occurred when an attacker "found a backdoor through our gas-free RPC node" and used it to access the Axie DAO validator.
![nine axie infinity nine axie infinity](https://i0.wp.com/mommyginger.com/wp-content/uploads/2021/07/Axie-Infinity-IG.jpg)
Five node signatures are needed to verify a transaction, and the actor obtained said signatures by gaining control over four of Sky Mavis' validator nodes and a third-party one operated by Axie Infinity's decentralized autonomous organization (DAO). Sky Mavis said its Ronin chain includes nine validator nodes, which are used to verify deposits and withdrawals. The cryptocurrency was drained in two transactions, which happened when "the attacker used hacked private keys in order to forge fake withdrawals." dollar, totaling approximately $620 million. Sky Mavis, which developed the Ronin Network sidechain, said in the post that hackers stole 173,600 Ethereum and 25.5 million in USD Coin, a coin that maintains the value of the U.S.