Massive Bot Attack Disrupts Solana WET Token Presale
Bot-Driven Wallet Attack Derails Solana Token Launch
A presale for Solana's WET tokens was disrupted by a sophisticated bot attack that used over 1,000 wallets to claim nearly all tokens within seconds. The organizers were forced to halt the sale, issue apologies, and devise a new strategy to ensure genuine participants could access the tokens.
Presale Overrun by Automated Wallets
The presale took place on Jupiter, a popular Solana-based platform. Instead of witnessing organic participation, the event was hijacked by a coordinated swarm of wallets that appeared simultaneously and followed identical funding patterns. Organizers confirmed that a single entity controlled the majority of the token allocation by dispersing funds across more than 1,000 wallets.
Response and Rectification Efforts
HumidiFi, the team behind the presale, quickly suspended the launch and announced plans to introduce a replacement token. They assured that verified buyers who attempted to participate would be compensated, while the attacker would receive no benefits from the revised distribution plan.
Bubblemaps Analysis Reveals Wallet Network
Analysis by Bubblemaps identified that of 1,530 participating wallets, approximately 1,100 exhibited similar behaviors, such as simultaneous creation and identical funding patterns. Funds were transferred from exchange accounts to a cluster of wallets, which then distributed tokens to numerous empty addresses, creating an illusion of widespread participation. This investigation uncovered connections to a Twitter user known as "Ramarxyz," further confirming the deliberate nature of the attack.
Broader Implications of Sybil Attacks
This incident is part of a growing trend of Sybil attacks, where a single actor uses multiple wallets to manipulate token launches. Such strategies have been facilitated by the low transaction costs and high-speed capabilities of networks like Solana. These events underscore the need for robust security measures to protect against automated exploits during token releases.