Token airdrops targeted by farm accounts and ‘Sybil attacks’


Amid surging prices, many crypto projects have seen a rise in fake farm accounts, or “Sybil attacks,” named so after a book about a woman with many personalities. These fake accounts create artificial network activity to claim as many tokens as possible during airdrop events, which have become highly lucrative over the years. 

“We’ve recently taken action by banning approximately 2,000 users whom we suspect were farming Degen,” creators of the Degen memecoin project, which was built on the Farcaster social media protocol, wrote on X. “Taking part in Degen farming, such as coordinated posting or artificial engagement, could lead to bans.”

The Degen airdrop is ongoing until Aug. 1 and will reward users who engage with or create quality content posted on Farcaster social channels. However, it appears that a sizable number of users began posting sub-par content for the sole purpose of earning airdrop points. “Joining organized actions mainly to earn tokens and posting unrelated content in boosted channels” will result in bans, Degen developers wrote.

Degen’s warning to Sybil attackers

The memecoin project is far from the first protocol to suffer from Sybil attacks. 

On April 4, self-custody wallet Bitget Wallet said it would deduct airdrop points from users who use “emulators and cloud phones” to create artificial wallet referrals and downloads to farm BWB token rewards. “Upholding fairness and integrity for all participants is paramount to us, and we cannot turn a blind eye to any dishonest behavior that violates the rules of conduct for the event,” Bitget Wallet staff wrote. 

The Bitget Wallet airdrop has been ongoing for the past month and is scheduled to end on April 27. Users can earn rewards by referring friends, depositing tokens, or performing decentralized finance (DeFi) swaps through the self-custody wallet. 

Despite identifying the problem, cracking down on Sybil attacks remain difficult. 

“To be certain that we do not inadvertently penalize honest users, we have identified and deducted points only for the top 50 users who boosted their referral points through illicit means,” explained Bitget Wallet developers. 

Earlier this year, prominent DeFi developer Banteg also raised an issue with the Ethereum layer-2 protocol Starknet and its airdrop. They claimed to have gone through all Starknet airdrops and “found 1854 people who have either renamed or deleted their account since the activity snapshot.” Banteg also identified an estimated 701,544 addresses that were allegedly linked to repeat or renamed GitHub accounts controlled by airdrop farmers.

Despite such revelation, the airdrop farmers’ addresses were included in the Starknet airdrop anyway. Shortly after its launch, Starknet temporarily surpassed a fully diluted valuation of $20 billion. The airdrop is ongoing until June. 

In a report by Gamic HQ last August, researchers explained that to deploy a Sybil attack, airdrop farmers “leverage scripts or bots to create a massive number of fake accounts on a targeted platform” that proceed to automate tasks such as “generating random usernames and emails, filling out registration forms, and even verifying accounts with CAPTCHAs.”

Gamic HQ researchers further wrote that Sybil attacks “amass a large portion of the airdropped tokens, leaving less for genuine users who might be more interested in using and supporting the project long-term.” As a result, a project’s reputation is damaged, its token supply inflates, and price manipulation may occur as a result of excessive dumping by airdrop farmers after the event is over. 

However, the firm also noticed several positives as a result of the attacks. “The rise of Sybil attacks has pushed blockchain projects to develop more sophisticated methods for verifying user identities and ensuring fair airdrop distribution,” they claimed. “This ongoing battle will hopefully lead to a more robust and secure blockchain ecosystem in the long run.”

Related: Blockchain data-availability protocol Avail announces 600M token airdrop