The Arbitrum Airdrop stole headlines late last week… hackers, scammers and airdrop farmers stole as much $ARB as they could. Much of this activity was considered a Sybil attack. A traditional Sybil attack is when a hacker overcomes network security by successfully posing as multi pseudonymous nodes. In the Arbitrum Airdrop’s case, several individuals, aggressively harvested the airdrop by posing as thousands of people at a time. This was done by funding thousands of individual wallets! According to the exhaustive research of X-explore, over 557 million of the 1.2 billion airdrop tokens were awarded to “same-person addresses.” That means nearly half of the airdrop went to people gaming the system.
We found 2 super airdrop hunters of $ARB.— Lookonchain (@lookonchain) March 24, 2023
0xe1e2 received 1.4M $ARB($1.92M) via 866 addresses and added all 1.4M $ARB to #Uniswap to provide liquidity.https://t.co/sncsZTHrP2
0xbd4e received 933,375 $ARB($1.28M) via 630 addresses.https://t.co/p5vbqXMYxD pic.twitter.com/yK3LzbeC8t
There were many examples of impressive airdrop harvests. LookOnChain identified two “super airdrop hunters” who were able to collect from hundreds of wallets. One of the hunters received $1.92M worth of Arb from 866 addresses; the other got $1.28M from 630 addresses!
Beyond the Sybil attack, one hacker was able to grab $500,000 worth of ARB from hacked accounts. Vanity accounts generated by the user-friendly Profanity wallet generator were victimized in this attack. A vulnerability in Profanity wallets has been known for months–it allows hackers to pretty easily figure out a Profanity wallet’s private keys. While most people have stopped using Profanity wallets, many of these wallets were eligible for the airdrop. Knowing that vulnerable wallets were eligible to claim the ARB airdrop, a hacker pounced on these claims and took them for himself.
Someone made $500k+ by claiming Arbitrum airdrop with hacked vanity addresses pic.twitter.com/aSWmx7MySS— jq (@jackqack) March 23, 2023
All in all, the Arbitrum airdrop was an exciting moment that has revitalized interest in airdrop hunting. While the intention of the airdrop–to create a wide base of ARB holders–was subverted by Sybil attackers and hackers, many people felt like the “super airdrop hunters” were clever and admirably inventive. “Airdrop God” might catch on as a new honorific. For those interested in the next potentially gainful airdrop, check out this guide to the potential zkSync airdrop. Just remember that there’s no guarantee there will be an airdrop here!
In other not-so-savory NFT news from the week, CryptoPunk #685 was accidentally BURNED this week by its owner! For those that don’t know, burning an NFT is an irrevocable action whereby a token is sent to a burn address and effectively permanently deleted. According to Punk expert, Sean Bonner, #685’s owner was trying to wrap the CryptoPunk and made a huge mistake! Apparently there’s no UI for wrapping Punks and user error is easy to commit. RIP #685, you will be right-clicked saved in the hearts of all Punk lovers forever!
Terra founder Do Kwon leaving Montenegrin court in handcuffs.— Watcher.Guru (@WatcherGuru) March 24, 2023
The crypto world rejoiced when Do Kwon, the infamous creator of Terra, was arrested on the 23rd. According to The New York Times, the fugitive founder was arrested in a Montenegran airport. Kwon tried to use a fake Costa Rican passport in order to board a private jet to Dubai. Now he faces an extradition tug-of-war: both the United States and South Korea will be vying for the right to detain and prosecute him… I wonder if Do will use his famous line, “I don’t debate the poor” during cross examination?