Sybil attacker will take 3026125 token ARB if the team do nothing! #3
Comments
stanlagermin
changed the title
stanlagermin
changed the title
|
Update: I take a look about this wallet: Here is the list of 1791 wallets which relates with Sweeper-bot address: |
stanlagermin
changed the title
|
It's a waste of time to investigate. Team will not respond |
|
The transactions above seem to be poisoning: They happened 6 hours ago, long after the snapshot and announcement. |
|
To arbi team: Please ignore such stupid things. There have been poisoning everywhere since Hop announced the anti-sybil rules. A tiny amount of transferring shouldn't be taken as sybil attack. |
|
I randomly checked several accounts and found that their behavior patterns lacked similarity; Small transfers occur after the announcement of an air drop, which is more like poisoning |
|
Can you help me to explain this? every recipient wallet has at least one transaction relate to this wallet: 0xcc577C130c019529FF1e721F9BEeA24a7DC1402D So all the wallet in the list get poisoning by send money to this address 0xcc577C130c019529FF1e721F9BEeA24a7DC1402D Also, every recipient wallets made 2 interactions with ARB token contract at the same time. :) I think he prepare for claiming and send all ARB right before real owner try to claim the ARB.
|
|
So all the wallet in the list get poisoning by send money to this address 0xcc577C130c019529FF1e721F9BEeA24a7DC1402D |
|
It is not a sybil attacker, those are all compromised wallets: Check the behavior on the addresses he funds, all of them had sweeping bots on them. I can also confirm that by the fact that one of the victims contacted me for help. |
|
THAT'S NOT SYBIL'S ADDRESS! YOU CAN CHECK THE FLASHBOTS DISCORD, MANY PEOPLE ARE VICTIMS OF COMPROMISED WALLETS AND THE FB19 WALLET TX APPROVE ARB ON THE VICTIM'S WALLET. AND THE BASTARD HACKER INTENDS TO STEAL THE ARB TOKEN WHEN THE CLAIM PROCESS IS OPENED. PLEASE BLACKLIST THE BASTARD HACKER'S FB19 ADDRESS. THE OTHER 1656 ADDRESSES ARE "VICTIMS" NOT SYBIL! THANK YOU. |
|
nggeh |
|
It's a hacker, he uses a sweeper bot on wallets. My wallet is among the victims of this. 0x81069f658da5fac80bbeee0023a21f0531d144dc |
|
They are not Sybil attacker Bro, my wallet also in this list because our wallets got hacked and hacker set sweeper bot to withdraw funds instantly u can check there no funds on any wallet , also try to send some small amount fund it will automatically transfer within seconds to the hacker address |
You are probably a part of this, or maybe you are the sybilor. 💀 |
What do you think about create new token distribution contract? and move token to new one? I think the team could do something, that why they give us 7 days before open for claimming. |
All they have to do is copy the addresses and blacklist them all. |
|
that's not sybil attack. it's a hacker (0xcc577C130c) who has a rage number of compromised wallets he sweeps funds from and has active front running/gas sweeping bots active one, across multiple chains. only way for victims to get their tokens is to use bots as well and try to beat him. i'm going to be helping out two friends, for a 20% reward of their ARB tokens. |
|
The team doesn't care, any request for support is ignored. |
I think they are investigating and will respond soon. |
|
These addresses are definitely belong to the same person. |
|
hi i confirm this my wallet is also under this |
|
No, no, no that’s not what an Arbitrum Sybil attacker looks like. THIS is what an Arbitrum Sybil attacker looks like - 0x00000009f3911d5810d993039826cbd383d41dcd used Disperse app to send ETH to following 99 addresses 3 times. With this simple trick we all could have defeated the Arbitrum Sybil Hunting methodology to score 63500 ARB. 0x00000001D6b56C4a8277d1d6C759c5F92Abd4333 |
|
It is not a sybil attacker. It's a sweeper bot wallet |
|
Hacker, not a sybil attacker, my address is in this list and it's compromised by a sweeper bot sadly. The only way to stop this is to run a bot against him and hope for the best. I wish the team can come up with something to save us though. Would also save 3M+ tokens being transferred to a hacker. |
|
Does anyone have a solution to mine transaction before he sweeps eth? |
|
Good read on how the whole process happens and can potentially be recovered. But I dont have any more details. Then its a case of the flashbots bundle = Again sorry have no idea how to setup. (Might be a good idea to contact some people mentioned in any of these link) The guys full story |
|
Best case. They stop the airdrop to all the wallets. However that is a lot of work for arbitrum and do you really think they have the time to do that. Medium case : they just send out anyway with you have burner scripts and flashbot bundles ready and pray. Worst case 1 : they send out airdrop and its gone to scammer. |
|
That people who connect or do tx from arbitrum scam airdrop. The phising web owner have mnemonic access to all the wallet, that why you should more careful if you want to connect your wallet on any website. |
|
it is a hacker, not a Sybil attacker. I think Arbitrum Foundation & Nansen have done well based on the criteria that have been set. We can't control hacker on Blockchain, I hope everyone will be more careful about fraud and so on to protect their own accounts. |
|
When someone sends a transaction to a compromised wallet hacker is able to mine transaction in next block or 2 blocks after that how is able to mine transaction that fast? |
|
This is not the Sybil attacker, end of story |
|
The users already lost the airdrop, sorry for them, why not exclude the addresses from the airdrop? At least the hacker does not profit from it then.... |
Users can still revoke access and try to frontrun using a bot |
|
We can state unequivocally that the Arbitrum team approached this issue without due consideration. A lot of wallets belong to the Sibyls, that's a fact. And the fact that the team did not identify them speaks of incompetence in this direction or unwillingness to spend resources on this. To the detriment of real users. And that's unfortunate. |
|
Arbitrum team: We dont care. |
yeah, I have helped several people setting up the flashbots to submit several transactions into a bundle Check out this: https://github.com/flashbots/web3-flashbots/blob/master/examples/simple.py |
|
Seem like the team will have no action at all. If someone are the victim, you can pm me: https://t.me/Spaghettii |
Web3 flashbots doesn't work on arbitrum |
|
https://twitter.com/x_explore_eth/status/1638452183682416641?s=46&t=-E-uigJwcn06x1xbumUeoA |
|
Ha! It just keeps getting better and better. No more sybil hunting for Nansen or anyone associated with Arbitrum sybil hunters. Even a biden supporter could have recognized sybilooooors using the disperse app or the Binance Hot Wallet sybiloooooor with 2997 accounts! “1/8 We found Arbitrum Sybil detection rules cause loopholes. Through our same-person/Sybil address recognition model, we identified more than 279,328 same-person and 148,595 Sybil airdrop addresses. https://mobile.twitter.com/x_explore_eth/status/1638452183682416641 |
|
my question is: |
|
https://t.co/ddWVmfWEwV |
Please can you post your code here? |
|
What happened? Is there an update? |
and others
Hello, I found something interesting about this wallet address:
0x59d4087f3ff91da6a492b596cbde7140c34afb19He made 2,417 transactions within 6 hours, that includes sending small ETH to 1656 different wallets :
Details: https://arbiscan.io/txs?a=0x59d4087f3ff91da6a492b596cbde7140c34afb19
And each recipient wallets, he made 2 interactions with ARB token contract:
For example,
0x3E5A2B1020c454079f5A7702fa204752C584d6A0Tx: https://arbiscan.io/address/0x3e5a2b1020c454079f5a7702fa204752c584d6a0
0x3aBeC2bbEc31c978a4a7e5b0cD2090cB759A0c01Tx: https://arbiscan.io/address/0x3abec2bbec31c978a4a7e5b0cd2090cb759a0c01
I check all 1656 recipient wallets above:https://github.com/stanlagermin/sybil-wallet-list/blob/main/sybil_wallets.csv
with: https://cointool.app/airdrop/arb
IT MAKES ME SHOCK!!!!!! 2800875 ARB TOKEN
I also recognize that every recipient wallet has at least one transaction relate to this wallet:
0xcc577C130c019529FF1e721F9BEeA24a7DC1402DFor example:
0x3E5A2B1020c454079f5A7702fa204752C584d6A0Tx: https://arbiscan.io/tx/0x9556ae9962c8034eb98f3f817eb5ecbb6d3e588fb71c70b84dcc5247dfcda998
0x3aBeC2bbEc31c978a4a7e5b0cD2090cB759A0c01Tx: https://arbiscan.io/tx/0x73e7f173ced28ab9aecf019d050609f2a85367917fce3bef56aa9b37f23d8fe7
From my point of view, that guy did all actions above is an airdrop farmer or a hacker because some people say that their wallet got hacked and being in a Sweeper-bot. Anyway, the team should do something to prevent getting at least 2800875 ARB Token from bad person.
The text was updated successfully, but these errors were encountered: