Bubblemaps Identifies $170M Sybil Attack in MYX Token Airdrop

Blockchain Analytics Firm Flags Largest Sybil Attack in Crypto History

Blockchain analytics company Bubblemaps has identified what it claims may be the largest Sybil attack ever recorded in the cryptocurrency sector. The firm uncovered approximately 100 newly created wallets that collectively claimed 9.8 million MYX tokens—valued at around $170 million—from a recent MYX Finance airdrop.

Coordinated Wallet Activity Suggests Manipulation

According to Bubblemaps’ investigation, these wallets received nearly identical amounts of Binance Coin (BNB) from the crypto exchange OKX within minutes of each other, nearly a month before the airdrop event. The wallets exhibited no prior transaction history and claimed MYX tokens almost simultaneously at approximately 5:30 a.m. on May 7. Bubblemaps described this pattern as highly unlikely to be coincidental, dubbing it potentially the “biggest airdrop Sybil of all time.”

MYX Finance Responds to Allegations

In response, MYX Finance defended its token distribution framework, emphasizing that rewards were allocated based on actual trading activity and liquidity provision. The platform highlighted the presence of anti-Sybil mechanisms integrated within its “Cambrian” campaign. However, MYX acknowledged that certain high-volume users requested address changes prior to the airdrop launch, a practice that was permitted to encourage broader participation.

MYX stated, “As a decentralized perpetual DEX, we prioritize user participation, and even when a single entity engages extensively, we respect that level of involvement.” Bubblemaps, however, dismissed this reply as vague and possibly AI-generated, suggesting it further fueled suspicion around the airdrop’s integrity.

Market Reaction and Broader Context

Following these revelations, MYX token was trading at $17.33, marking a 6.47% increase over the past 24 hours but remaining over 12% below its all-time high of $18.52 recorded two days prior, according to CoinMarketCap data.

This incident aligns with a wider trend of increasingly sophisticated airdrop manipulation techniques. As reported by Cointelegraph Magazine in July, some operations employ extensive phone farms—such as one in Vietnam housing over 30,000 devices equipped with SIM cards and spoofed IPs—to simulate genuine user activity and bypass Sybil detection systems. These farms manufacture and sell “airdrop farm kits” globally, enabling coordinated exploitation of token giveaways across multiple wallets.

Conclusion

The Bubblemaps findings highlight significant vulnerabilities in crypto airdrop mechanisms and raise questions about the effectiveness of current anti-Sybil measures. The scale and coordination of this attack underscore the need for enhanced security protocols to preserve fairness in token distributions.