Connext Network (NEXT) faced a sybil bot attack demanding more than 200 times the amount of tokens allocated for the airdrop.
The attacker also spammed the airdrop UI, causing it to go offline and preventing real users from claiming their tokens.
A closer look at the bot address revealed that it was created just four hours before the airdrop started and had no previous activity on the Connext Network. The address used a sybil bot, a strategy that involves creating multiple fake identities suitable for claiming the airdrop before immediately selling the tokens for a profit.
According to Debank, a blockchain data platform, the address continuously converted NEXT tokens into Tether (USDT) and Ethereum (ETH), making a profit of approximately $38,000 shortly after the airdrop went live.
According to Connext co-founder Arjun Bhuptani, who confirmed that this was a sybil attack, the sybil bot also sent numerous requests that took the airdrop UI offline:
Bhuptani added that as many as 57,000 unique wallets have registered for the airdrop.
*This is not investment advice.