Sybil Hunters Beware: [Airdrop](https://onekey.so/blog/ecosystem/what-is-a-crypto-airdrop/) Farming Tool Exploit Drains $5M

NiqNiq
/Sep 11, 2025
Sybil Hunters Beware: [Airdrop](https://onekey.so/blog/ecosystem/what-is-a-crypto-airdrop/) Farming Tool Exploit Drains $5M

Key Takeaways

• Never trust closed-source tools that access your keys.

• Use dedicated devices for crypto transactions to enhance security.

• Hardware wallets are essential for storing significant amounts of cryptocurrency.

• Airdrop farmers are prime targets for hackers due to their high-value balances.

• Security requires diligence; avoid shortcuts that compromise your assets.

“When shortcuts turn into exit scams.”  

On January 25th, while crypto airdrop farmers pre-celebrated upcoming token drops from chains like Berachain and Linea, a silent heist unfolded. 

A hacked browser extension linked to Ads Power—a popular anti-detection tool for mass Sybil farming—had been leaking private keys since January 17th. 

Over 20,000 wallets were drained, with losses nearing $5M. Only those who raced to move funds upon early warnings salvaged their assets.  

How It Went Down

The attacker hijacked Ads Power’s plugin update server, pushing fake metamask/okx wallet that harvested seed phrases.

Ads Power privately alerted select users via dm instead of issuing public warnings at first.

Certik’s glowing security audit for Ads Power (posted Jan 3rd) was quietly deleted post-exploit.

This isn’t new. Centralized "black box" tools—Dexx (hacked Q3 2023), Bitbrowser (2022 leak)—keep imploding. Why?

They’re built to betray you. Closed-source tools with access to your keys + constant internet connectivity = ticking time bombs.

Incentives to rug. When user funds dwarf the project’s revenue (see: referral-driven ad models), exit scams print life-changing money.

Surviving the Sybil Grind

Never trust Closed-source tools. If it touches your keys, it’s dangerous.

Airgap your stacks. Use a dedicated device for crypto—no games, no random software.

Hardware wallets for heavy bags. OneKey, Trezor or Ledger, ensure keys never touch networked devices.

Why This Targets You

Airdrop farmers = low-hanging fruit. Sybil clusters often hold six-figure balances across wallets. 

Unlike mainstream apps, crypto tools have fewer users but far juicier payloads for hackers.

The Uncomfortable Truth

Security requires friction. Write down seed phrases. Click confirmations manually. Accept that chasing 100x efficiency via sketchy tools will eventually backfire.

The crypto graveyard is filled with "convenient" solutions—Mt. Gox, FTX, and now farming utilities. Your keys, your responsibility. Stop cutting corners.

Final note: If you’re farming at scale, build your own scripts. No shortcuts, no leaks.

Secure Your Crypto Journey with OneKey

View details for OneKey ProOneKey Pro

OneKey Pro

Truly wireless. Fully offline. The most advanced air-gapped cold wallet.

View details for OneKey Classic 1SOneKey Classic 1S

OneKey Classic 1S

Ultra-thin. Pocket-ready. Bank-grade secure.

View details for OneKey SifuOneKey Sifu

OneKey Sifu

1-on-1 wallet setup with OneKey Experts.

Keep Reading