Ronin Bridge Attack update this week - Sky Mavis raises more than 100 million from Binance, Paradigm, a16z, and others?
4/1/2022 - seven Lapsus$ group hackers arrested
https://www.bbc.com/news/technology-60864283
Why this?
Notorious crypto hackers, also the team that tried to extort Nvidia into removing GPU crypto mining blockers. So odd. 14M crypto fortune.
When: 4/1
What happened: former hacking partners turned on this guy and doxxed him. Cops circled in.
Who: Mostly teens so names aren't released but
Under his online moniker "White" or "Breachbase" the teenager, who is autistic, is said to be behind the prolific Lapsus$ hacker crew, which is believed to be based in South America.
Why cover this?
Nice reminder that NFT markets are sketchy right now. You can't make this shit up.
What: simple photoshop scam
The victim entered into a direct swap trade with the scammer via a third-party service called swap.kiwi. Unlike regular marketplaces like OpenSea, platforms like swapkiwi allow direct NFT swaps between collectors, reducing transaction ("gas") fees.
Unknown to s27, the other participant in the trade put up knock-off NFTs in exchange for s27’s legitimate Bored Ape and Mutant Apes. The scammer used images of actual Bored Apes to create fake replicas and uploaded the same ones to OpenSea.
-https://www.theblockcrypto.com/post/140702/bored-ape-holder-loses-nfts-worth-567000-to-a-scammer
Where: swap.kiwi
Who: anon & s27
When: 4/1-3/2022
When: 4/2/2022
Who: anon
What happened:
A professionally executed hack allowed an anonymous actor to manipulate the price of INV and help themself to an exclusive deal from the ETH based lending protocol.
Rekt.news - https://rekt.news/inverse-finance-rekt/
After a tip-off, German police seized Hydra's servers and confiscated €23m (£16.7m) in Bitcoin (25.2 million USD).
BBC https://www.bbc.com/news/technology-61002904
Germany’s federal police shut down the Russia-based Hydra Market, the world’s largest darknet market by revenue. Later in the day, the Justice Department followed up by indicting one of Hydra’s key operators, and the U.S. Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Hydra, adding more than 100 of its cryptocurrency addresses to the SDN list as identifiers.
Chainalysis - https://blog.chainalysis.com/reports/hydra-garantex-ofac-sanctions-russia/
What Hydra:
In 2021, Hydra received more than $1.7 billion worth of cryptocurrency, which accounts for over 75% of all darknet market revenue globally.
Who mastermind:
Dmitry Olegovich Pavlov
Show link:
https://idegen.fm/episodes/e1-ronin-bridge-hack-4-1-2022
Topics:
Big week, largest crypto hack ever?
Key Points:
largest hack in Crypto
The Ronin bridge has been exploited
~$624M stolen from Ronin Network
for 173,600 Ethereum and 25.5M USDC
Hack happened on March 23rd, no one noticed for 6 days.
–> What is Axie?
–> quick history of Axie
–> What is Ronin chain?
Research:
https://whitepaper.axieinfinity.com/technology/ronin-ethereum-sidechain
https://whitepaper.axieinfinity.com/roadmap
Axie used Loom at one point? Did not know that.
Loom was og ETH plasma sidechain for gaming
Loom issues:
There are diverging accounts about what happened here. Nisenson told CoinDesk that Loom collapsed multiple times under the activity driven by CryptoWars. Loom disputes that account.
https://www.coindesk.com/tech/2020/04/27/cryptowars-leaves-loom-sidechain-in-pivot-to-play-to-earn-aka-betting/
Axie adopts Loom in 2019 for its in-house land/NFT marketplace.
Axie abandons Loom March 2020
What is Ronin?
Ronin is an Ethereum sidechain developed by Sky Mavis, the makers of Axie.
Ronin currently adopts a Proof-of-Authority (PoA) consensus model which is a reputation-based system that allows for fast transactions due to its limited number of validators and relatively centralized nature. Validators are handpicked by the team based on their credibility and unlike Proof-of-Stake blockchains, validators are “staking” their reputation instead of tokens. Validators risk losing their reputation if they become bad actors or negatively affect the network. Some examples of validators for the Ronin network include Binance, Ubisoft and Animoca Brands.
https://www.nansen.ai/research/ronin-the-engine-powering-axie-infinitys-growth
Axies will be deposited via a smart contract on Ethereum. When Axies are inside the contract they will be usable on Ronin.
https://medium.com/axie-infinity/introducing-ronin-axie-infedinitys-ethereum-sidechain-8745e31eaef1
According to Axie website:
all-star cast of partners from the traditional gaming, crypto, and nonfungible token space to serve as validators of our network.
From Nansen.ai:
Some examples of validators for the Ronin network include Binance, Ubisoft and Animoca Brands.
Ronin Dex "Katana" - Like the Uniswap of Ronin chain.
Bridge - How does a bridge work?
Smart contracts deployed to both networks are connected by a bridge oracle where bridge validators confirm and sign cross-network transactions.
https://docs.ethhub.io/ethereum-roadmap/layer-2-scaling/sidechains/
More on how bridges between ERC20s work:
https://docs.tokenbridge.net/about-tokenbridge/features
The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge.
While the investigations are ongoing, at this point we are certain that this was an external breach. All evidence points to this attack being socially engineered, rather than a technical flaw. - Axie Substack
How was Sky Mavis breached?
How was the 5th validator breached?
Did someone notice the breach and trade on it?
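Added example (not from the show, Sky Mavis, or Ronin code): a toy model of the validator-signed bridge withdrawal described above, showing why a signature threshold alone cannot tell stolen keys from honest ones and why an independent outflow check would have flagged the withdrawal. The validator names, keys, the threshold of 5 out of 9, the outflow cap and the HMAC stand-in for real signatures are all assumptions.

```python
import hashlib
import hmac

# Constructed validator set; names, keys and limits are made up for this example.
VALIDATOR_KEYS = {f"validator-{i}": f"constructed-key-{i}".encode() for i in range(1, 10)}
THRESHOLD = 5               # assumption, echoing the "5th validator" question
OUTFLOW_LIMIT_ETH = 10_000  # hypothetical per-window cap on bridge withdrawals


def sign(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 stands in for a validator's real signature scheme."""
    return hmac.new(key, message, hashlib.sha256).digest()


def withdrawal_message(withdrawal_id: int, recipient: str, amount_eth: int) -> bytes:
    return f"{withdrawal_id}|{recipient}|{amount_eth}".encode()


def valid_signers(message: bytes, signatures: list) -> set:
    """Return the distinct known validators whose signature verifies."""
    signers = set()
    for name, sig in signatures:
        key = VALIDATOR_KEYS.get(name)
        if key is not None and hmac.compare_digest(sig, sign(key, message)):
            signers.add(name)  # a set, so a repeated signer counts once
    return signers


def bridge_accepts(message: bytes, signatures: list) -> bool:
    return len(valid_signers(message, signatures)) >= THRESHOLD


def outflow_alert(amounts_eth: list) -> bool:
    """Independent control: flag when withdrawals in one window pass the cap."""
    return sum(amounts_eth) > OUTFLOW_LIMIT_ETH


def demo() -> dict:
    msg = withdrawal_message(1, "0xCONSTRUCTED_RECIPIENT", 173_600)
    def signed_by(n):
        return [(name, sign(VALIDATOR_KEYS[name], msg)) for name in list(VALIDATOR_KEYS)[:n]]
    four, five = signed_by(4), signed_by(5)
    return {
        "four_keys": bridge_accepts(msg, four),
        "four_keys_one_repeated": bridge_accepts(msg, four + four[:1]),
        "five_keys": bridge_accepts(msg, five),
        "outflow_alert": outflow_alert([173_600]),
    }


if __name__ == "__main__":
    print(demo())
```

The bridge check passes as soon as five distinct keys sign, no matter who holds them; only the separate outflow check reacts to the size of the withdrawal.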
Other links:
https://roninblockchain.substack.com/p/community-alert-ronin-validators?s=r
https://rekt.news/ronin-rekt/
https://ethereum.org/en/developers/docs/scaling/sidechains/
https://dune.xyz/digipo/Axie-Infinity-Ronin-Bridge
Hacker Addy:
https://etherscan.io/address/0x098b716b8aaf21512996dc57eb0615e2383e2f96
https://rekt.news/voltage-finance-rekt/