# April - 2022
### 4/7/2022
1) Ronin Bridge Attack update this week - Sky Mavis raises more than 100 million from Binance, Paradigim, A16, and others?
2) 4/1/2022 - seven Lapsus$ group hackers arrested
https://www.bbc.com/news/technology-60864283
**Why this?**
Notorious crypto hackers, also the team that tried to extort Nvida into removing GPU crypto mining blockers. So odd. 14M crypto fortune.
**When:** 4/1
What happened: former hacking partners turned on this guy and doxxed him. Cops circled in.
**Who:** Mostly teens so names aren't released but
> Under his online moniker "White" or "Breachbase" the teenager, who is autistic, is said to be behind the prolific Lapsus$ hacker crew, which is believed to be based in South America.
3) this week - Bored ape holder "s27" traded their bubble gum ape and matching mutant derivites with floor value of $567k for imposter apes
https://twitter.com/0xquit/status/1511198290565509120?s=21&t=mUf0Ew3lkOB5GrdQ_VOw3A
**Why cover this?**
Nice reminder that NFT markets are sketchy right now. You can't make this shit up.
**What:** simple photoshop scam
>The victim entered into a direct swap trade with the scammer via a third-party service called swap.kiwi. Unlike regular marketplaces like OpenSea, platforms like swapkiwi allow direct NFT swaps between collectors, reducing transaction ("gas") fees.
>
> Unknown to s27, the other participant in the trade put up knock-off NFTs in exchange for s27’s legitimate Bored Ape and Mutant Apes. The scammer used images of actual Bored Apes to create fake replicas and uploaded the same ones to OpenSea.
-https://www.theblockcrypto.com/post/140702/bored-ape-holder-loses-nfts-worth-567000-to-a-scammer
**where:** kiwi.swap
**Who:** anon & s27
**When:** 4/1-3/2022
4) 4/2/2022 [Inverse Finance Hack ](https://rekt.news/inverse-finance-rekt/)-
15M taken with super clever defi anti-pattern attack.
**Why this?**
These are the most facinating expoits in crypto right now.
**When:** 4/2/2022
**Who:** anon
**What happened:**
>A professionally executed hack allowed an anonymous actor to manipulate the price of INV and help themself to an exclusive deal from the ETH based lending protocol.
Rekt.news - https://rekt.news/inverse-finance-rekt/
5) Hydra Darknet Market bust, OFAC sanctions a bunch of new addys
**when:** 4/5/2022
**what: **
> after a tip-off, German police seized the Hydras servers and confiscated €23m (£16.7m) in Bitcoin. 25.2 million USD
BBC https://www.bbc.com/news/technology-61002904
>Germany’s federal police shut down the Russia-based Hydra Market, the world’s largest darknet market by revenue. Later in the day, the Justice Department followed up by indicting one of Hydra’s key operators, and the U.S. Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Hydra, adding more than 100 of its cryptocurrency addresses to the SDN list as identifiers.
Chain Anal - https://blog.chainalysis.com/reports/hydra-garantex-ofac-sanctions-russia/
What Hydra:
>In 2021, Hydra received more than $1.7 billion worth of cryptocurrency, which accounts for over 75% of all darknet market revenue globally.
Who mastermind:
Dmitry Olegovich Pavlov
### 4/1/2022
Show link:
https://idegen.fm/episodes/e1-ronin-bridge-hack-4-1-2022
Topics:
Big week, largest crypto hack ever?
1) Ronin Chain
2) Voltage Finance
#### Ronin Hack
Key Points:
> largest hack in Crypto
> The Ronin bridge has been exploited
>~$624M stolen from Ronin Network
> for 173,600 Ethereum and 25.5M USDC
> Hack happend on March 23rd, no one noticed for 6 days..
--> What is Axie?
--> quick history of Axie
--> What is Ronin chain?
Research:
https://whitepaper.axieinfinity.com/technology/ronin-ethereum-sidechain
https://whitepaper.axieinfinity.com/roadmap
![](https://hackmd.io/_uploads/Hkjd55NX9.png)
Axie used Loom at one point? Did not know that.
[Loom was og ETH plasma sidechain for gaming](https://www.crowdfundinsider.com/2020/05/161307-loom-network-team-finally-responds-claims-project-isnt-dead-but-acknowledges-its-facing-financial-challenges-due-to-covid-19/)
Loom issues:
> There are diverging accounts about what happened here. Nisenson told CoinDesk that Loom collapsed multiple times under the activity driven by CryptoWars. Loom disputes that account.
https://www.coindesk.com/tech/2020/04/27/cryptowars-leaves-loom-sidechain-in-pivot-to-play-to-earn-aka-betting/
Axie adopts Loom in 2019 for in house land/NFT markeplace in 2019.
Axie abandons Loom March 2020
![](https://hackmd.io/_uploads/HkWcncVQc.png)
https://twitter.com/AxieInfinity/status/1239176945600024576
### Road to Ronin
What is Ronin?
Ronin is an Ethereum sidechain developed by Sky Mavis, the makers of Axie.
> Ronin currently adopts a Proof-of-Authority (PoA) consensus model which is a reputation-based system that allows for fast transactions due to its limited number of validators and relatively centralized nature. Validators are handpicked by the team based on their credibility and unlike Proof-of-Stake blockchains, validators are “staking” their reputation instead of tokens. Validators risk losing their reputation if they become bad actors or negatively affect the network. Some examples of validators for the Ronin network include Binance, Ubisoft and Animoca Brands.
https://www.nansen.ai/research/ronin-the-engine-powering-axie-infinitys-growth
1) migrate assets
> Axies will be deposited via a smart contract on Ethereum. When Axies are inside the contract they will be usable on Ronin.
https://medium.com/axie-infinity/introducing-ronin-axie-infedinitys-ethereum-sidechain-8745e31eaef1
2) Validators https://explorer.roninchain.com/validators
According to [Axie website](https://whitepaper.axieinfinity.com/technology/ronin-ethereum-sidechain):
>all-star cast of partners from the traditional gaming, crypto, and nonfungible token space to serve as validators of our network.
From [Nansen.ai](https://www.nansen.ai/research/ronin-the-engine-powering-axie-infinitys-growth):
>Some examples of validators for the Ronin network include Binance, Ubisoft and Animoca Brands.
3) Ronin Dex "Katana" - LIke the Uniswap of Ronin chain.
4) Bridge - How does a bridge work?
>Smart contracts deployed to both networks are connected by a bridge oracle where bridge validators confirm and sign cross-network transactions.
https://docs.ethhub.io/ethereum-roadmap/layer-2-scaling/sidechains/
More on on bridges between ERC20s work:
https://docs.tokenbridge.net/about-tokenbridge/features
### The Hack
>The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge.
> While the investigations are ongoing, at this point we are certain that this was an external breach. All evidence points to this attack being socially engineered, rather than a technical flaw. - [Axie Substack](https://roninblockchain.substack.com/p/community-alert-ronin-validators?s=r)
### Outstanding Questions?
How was Sky Mavis breached?
How as the 5th validator breached?
Did someone notice the breach and trade on it?
Other links:
https://roninblockchain.substack.com/p/community-alert-ronin-validators?s=r
https://rekt.news/ronin-rekt/
https://ethereum.org/en/developers/docs/scaling/sidechains/
https://dune.xyz/digipo/Axie-Infinity-Ronin-Bridge
Hacker Addy:
https://etherscan.io/address/0x098b716b8aaf21512996dc57eb0615e2383e2f96
#### Voltage Finance
https://rekt.news/voltage-finance-rekt/
- 4 mil
- Thor Chain
-