The integrity of cryptocurrency airdrops has been called into question following recent accusations leveled against MYX Finance. Blockchain analytics firm Bubble Maps has alleged the decentralized finance project facilitated a significant Sybil attack, identifying a cluster of 100 wallets that purportedly claimed $170 million worth of MYX tokens. Crucially, evidence presented suggests direct links between these addresses and the project’s founder, raising serious concerns about the fairness and transparency of token distribution within the crypto ecosystem.
The extensive investigation by Bubble Maps, which came to light on September 9, 2025, detailed how this cluster of 100 addresses collectively claimed 9.8 million MYX tokens, valued at $170 million. The MYX airdrop, which commenced in early May 2025, had allocated 14.7% of its total 1 billion MYX supply, with initial access to 30% of tokens and the remainder subject to a monthly vesting schedule. Bubble Maps highlighted the alleged scheme via social media: pic.twitter.com/Kq1ubEgUBU
The forensic analysis by Bubble Maps detailed a striking pattern of synchronized activity among these 100 wallets. On April 19, 2025, prior to the airdrop, all wallets reportedly received identical deposits of Binance Coin (BNB) originating from the OKX exchange. This uniformity in funding allowed them to qualify for and participate in the airdrop. Furthermore, the majority of these suspicious wallets claimed their MYX tokens simultaneously on May 7, 2025, a date on which most of them exhibited no prior transaction history, suggesting a coordinated execution rather than organic engagement.
The allegations escalated when Bubble Maps presented evidence purporting to link the Sybil cluster directly to a MYX Finance founder. Analysts traced transfers from the founder’s wallet, identified as 0x8eEB, to an address, 0x4a31, which was a participant in the compromised airdrop. This 0x4a31 address was found to exhibit the same operational patterns as 95 other wallets within the Sybil cluster. Adding to the gravity of the claim, approximately $2.8 million in tokens were reportedly sent from 0x4a31 to another deposit address, 0xeb5A, which Bubble Maps asserts is also under the control of the MYX Finance founder.
In response to the initial report, MYX Finance issued a statement denying the accusations. The project’s developers claimed that the majority of the wallets in question had received “fair reward for real participation,” and that some larger token holders had requested changes to their receiving addresses before the airdrop. However, Bubble Maps found this explanation “vague,” demanding a more explicit clarification from MYX Finance regarding the synchronized behavior of the cluster addresses and the demonstrable link to a project founder.
This incident underscores the persistent challenge of Sybil attacks in the cryptocurrency space, particularly concerning airdrops designed to foster community growth and equitable token distribution. Such attacks undermine trust, dilute legitimate participants’ rewards, and can significantly impact a project’s long-term viability and market perception. The broader industry continuously seeks robust mechanisms to identify and mitigate these sophisticated schemes. For instance, protocols like LayerZero have actively engaged their communities in “bounty hunts” to identify and report Sybil attackers, offering rewards derived from the tokens initially allocated to fraudulent addresses as an incentive.
Tyler Matthews, known as “Crypto Cowboy,” is the newest voice at cryptovista360.com. With a solid finance background and a passion for technology, he has navigated the crypto world for over a decade. His writing simplifies complex blockchain trends with dry American humor. When not analyzing markets, he rides motorcycles, seeks great coffee, and crafts clever puns. Join Crypto Cowboy for sharp, down-to-earth crypto insights.