Shocking Sybil Attack Uncovered: Individual Controls Over 21,000 Wallets on zkSync Network

Source: Adobe / _DanozAccording to a recent X thread, it has recently come to light that an individual has orchestrated an incredibly sophisticated Sybil attack on zkSync, a layer-2 scaling solution for Ethereum.

This Sybil attack has given this individual control over a staggering 21,877 wallets within the network.

The individual’s strategy involved a meticulously designed bot, which they utilized to ute ious transactions within the zkSync network.

Notably, these transactions were not manually conducted but automated by the bot. This level of automation allowed for a high degree of precision in the attack.

One key aspect of this attack was the individual’s ability to manipulate liquidity within the network. By adding liquidity themselves, this actor was able to evade issues related to slippage that might have otherwise occurred.

Consequently, they could ute a series of transactions on the zkSync Era network with remarkable efficiency and cost-effectiveness.

Furthermore, the individual behind this attack demonstrated a keen understanding of how to minimize costs. Despite accumulating an impressive volume of transactions across the 21,877 wallets, they managed to do so with minimal fees.

This calculated approach involved spending only 1.5 to 2 USD worth of ETH fees per wallet. Moreover, the attacker uted transactions at different intervals, including ious months, weeks, and days, to mimic the behavior of legitimate users and other layer-2 projects, making their activities appear less suspicious.

However, it’s important to note that despite the complexity of this Sybil attack, it did not go unnoticed. Lingland 09, a diligent observer in the crypto community, managed to track down a substantial portion of the 21,877 fake Sybil wallets created by the attacker.

Unfortunately, zkScan Explorer only supports up to 1,000 pages of history for each contract, limiting the number of wallets Lingland 09 could

Although the Matter Labs team, the developers behind zkSync, has not released any official notice about the attack, the community has urged the team to take action to identify and detect all 21,877 fake Sybil wallets associated with this individual’s activities, mainly through the $gem token claim contract.

Surge in Sybil Attacks Hits Crypto Community, Airdrops Under Threat

The crypto community is witnessing a surge in Sybil attacks, with yet another airdrop falling prey to this nefarious tactic. This tactic involves generating numerous eligible wallets to claim the airdrop, ly converting and profiting from the tokens.

Connext, a cross-chain liquidity network, made waves with its xERC20 $NEXT token airdrop on August 17th.

Connext introduced the Community Sybil Hunter program to ensure fair distribution, drawing inspiration from projects like HOP and SAFE.

However, the spotlight has turned on Connext Network, a protocol enhancing security through native blockchain bridges, due to a suspected Sybil attack during the native token airdrop.

A wallet created just four hours before the NEXT airdrop siphoned off over 200 claims for itself using multiple wallets, despite the airdrop’s one-claim-per-wallet rule.

According to Debank data, the wallet atically swapped NEXT tokens for tether (USDT) and ether (ETH), accruing approximately $38,000 in profit shortly after the airdrop commenced.

Moreover, the wallet inundated the airdrop’s user interface with a deluge of requests, leading to a temporary outage, as confirmed by Arjun Bhuptani, a founding contributor at Connext.