“You can create as many as 10 accounts in one night. Ilya, a 33-year-old Ukrainian whose main source of income comes from airdrops.
Ilya (pseudonym) also earns money from cryptocurrency trading, but has been busy with airdrops in recent months, he told Zoom from a “southern European country.”
Ilya is one of many crypto traders who make money from Sybil attacks on airdrops. A Sybil attack is an attempt to create multiple accounts on a blockchain project that is scheduled to airdrop tokens and acquire as many tokens as possible.
The attack takes advantage of the project’s weak ability to identify and remove fake accounts, earning a large number of tokens and selling them immediately after receiving them for profit.
An airdrop is a free distribution of tokens to active members of the blockchain community. DeFi (decentralized finance) projects use airdrops to attract more users, provide liquidity to DEXs (decentralized exchanges), and encourage on-chain activity.
The project wants airdrops to identify and reward active users, but not distribute tokens to people who created accounts just before the airdrop just to earn tokens without actually being involved in the project. . This is because they will sell the tokens immediately, driving down the token price.
Sybil attackers devise ways to circumvent the system, disguising legitimate activity from one person or multiple accounts belonging to one team. As it stands, airdrops have become a never-ending whack-a-mole for the project, far from satisfying.
In a recent airdrop on Arbitrum, Ethereum’s Layer 2 protocol, users or groups managing multiple addresses received about 48% of the tokens distributed, according to one researcher.
Ilya is 33 years old, and for the last six years his main job has been cryptocurrency speculation. “We started in 2016, before the ICO[initial coin offering]boom,” says Ilya. He used to run a small grain company in Ukraine before turning to online marketing. And that all changed when he discovered cryptocurrencies. He invested in several ICOs and made 10x profits.
After the ICO boom subsided, IEOs (Initial Exchange Offerings) emerged, followed by the DeFi boom of 2020 and the NFT boom. If you can stay ahead of trends, you can make free money, says Ilya. Airdrops are just the latest boom in money-making opportunities.
“Airdrops are a more legal way of distributing project tokens than ICOs,” said Igor Pertsiya, founder of venture fund Hypra. According to him, if you have particularly high technology, you can target Ethereum Name Service, or projects such as Sui, Aptos, etc., and carry out a Sybil attack on a single airdrop. It can make millions of dollars in profits.
“I know people who made between $1 and $2 million just from Arbitrum (ARB),” Perziya said. “Unlike ICOs, many of which were like Ponzi schemes, participants didn’t want to talk about airdrops.
The data also back this up. Researchers identified a wallet that aggregated over $1 million worth of ARB from multiple wallets (presumably all owned by the same person). On the other hand, there were some people who had multiple accounts but got few tokens.
Regardless, researchers identified at least 198 accounts that were aggregating assets from multiple addresses.
Ilya could not become an arbitrum millionaire. This is because some of their accounts were detected as being involved in Sybil attacks and were excluded from the airdrop. However, I succeeded in receiving 20,000 ARB in 5 of the accounts I opened. This is about twice the maximum number (10,250 ARB) that one account can receive in an airdrop.
Ilya immediately sold for $1.40 per ARB. The profits far exceeded the costs. The cost is a $50 gas fee (transaction fee) to make a transaction to keep your account from being deleted.
“I know someone who got 200,000 ARB on thousands of accounts. He had a team of people managing 500 accounts each.”
On the other hand, Ilya has one staff member for account management. She pays a certain reward and part of the profit from the airdrop. Ilya says you don’t need technical knowledge to spot profitable airdrops. She says it’s enough to analyze social movements and sniff out the next trend.
Maintaining multiple accounts is “not difficult” and even high school students can manage multiple wallets to profit from airdrops.
“I know boys who are not even 18 years old yet manage 150 accounts each. One of them recently made $500,000 in an airdrop,” Ilya said.
“20-year-olds were envious of the ICO boom, and now we have a new generation of greedy youngsters,” said Perzia.
Since we don’t know which projects will airdrop when, airdrop hunters are monitoring multiple projects that look promising. What are the criteria for judging?
“Prefer a project that is well-known, has raised a lot of money, has a lot of developers and big name investors. The higher the sex, the better,” explained Ilya. Currently, projects that meet these criteria are zksynk, StarkNet, and LayerZero. These are all projects related to scaling Ethereum.
While waiting for an airdrop, those plotting Sybil attacks can also make losses if the project is hacked or liquidity dries up. DeFi protocols have become a favorite target of hackers, costing them $2 billion in 2022 alone, according to blockchain analytics firm Chainalysis. Cross-chain bridges are particularly attractive targets.
“Sometimes you invest liquidity in anticipation of (future) airdrops, but then the bridge gets hacked and hackers steal your assets,” Ilya said. While she hasn’t lost a lot of money hacking herself, she says she knows people who lost $10,000 on the recent attack on the lending protocol Euler. Incidentally, in this case, the hackers voluntarily returned the stolen funds.
According to Alex Momot, CEO of crypto startup Peanut Trade, the company is closely monitoring Sybil attacks on airdrops. One of the company’s services is helping DeFi projects avoid Sybil attacks. The airdrop hunter’s method is usually fairly simple, he said. Just make a minimal trade with the minimum required tokens to qualify for the airdrop.
Many hunters withdraw assets from centralized exchanges and put them in wallets. Such movements are handled by the exchange’s hot wallet, which aggregates the crypto assets of many users in one place, making it impossible to identify who withdrew the tokens. This makes it more difficult to identify multiple wallets, possibly owned by the same holder, that received assets from the same wallet.
However, there is a way to not distribute tokens to airdrop hunters with multiple accounts. For example, eliminating wallets that barely meet the criteria for airdrop eligibility.
“On the one hand, it’s not a bad thing that the project can gain some momentum, even if it’s because of the Sybil attack. But the project wants to build a real community and gain real momentum.” The worst thing is that the attackers immediately sell the tokens and lose millions of dollars in market capitalization as soon as they are listed on exchanges,” said Momoto.
｜Translation and editing: Akiko Yamaguchi, Takayuki Masuda
｜ Original: Sybil Millionaires: How Airdrop Hunters Trick Projects and Snatch Fortunes