CoinTelegraph reported:
Two crypto projects have cried foul play over promotional airdrops conducted by CoinMarketCap (CMC) on their behalf, which they allege was “gamed” for the benefit of a small group of exploiters.
These promotional airdrops — designed to be distributed to thousands of wallets to raise awareness of a crypto project — ended with the tokens funneling to just a handful of wallets, suggesting potential manipulation of the system.
SATT token drop
Blockchain advertising solution SaTT alleged to Cointelegraph that a promotional airdrop it paid CMC to conduct in Dec. 2022 ended with 84% of the airdropped tokens funneling to just 21 wallets.
The promotion was meant to see 25,000 winning wallets receive 4,000 SATT each, worth $6.30 at the time per CoinGecko data.
However, SaTT claimed that shortly after the airdrop was distributed, 20,953 wallets “automatically transferred the tokens to 21 wallet addresses” which then sold off their token holdings days later around Dec. 10, netting around $142,000 for those 21 wallet owners.
The sell-off plunged the price of SATT by 70% between the end of the airdrop on Dec. 1 to when the wallets sold their tokens on Dec. 10.
TokenBot token drop
A similar experience was shared by TokenBot co-founder Shaun Newsum, who told Cointelegraph that it did a similar CMC-led airdrop of its TKB token on Dec. 9.
Newsum said CMC provided its 30,000 airdrop winners but he chose to “stagger” the airdrop “just in case something happens.”
TokenBot sent out its tokens to a batch of 4,000 winners to start, but around 3,300 ended up sending the funds to one wallet, said Newsum.
Newsum said around $20,000 was lost by TokenBot in the incident and the project had to deploy more liquidity from its treasury.
“Obviously some person figured out how to game CMC,” he added. “If we were to have bulk sent, the whole airdrop would’ve been a complete disaster.”
Newsum however said he has since received an apology from CMC and was told that it was investigating the airdrop and would return with an updated winners list for the project.
In its investigation, SaTT claims to have found another 18 tokens or nonfungible tokens (NFTs) airdrops conducted by CMC since Jul. 2022 that were also allegedly “infected by fraud” to the tune of $6.6 million.
This included airdrops for projects including TopGoal, OwlDAO and AgeofGods.
SaTT theorized two possibilities of how the “fraud” occurred:
“Either a group of hackers injected tons of fake accounts [into the airdrop on CMC’s website] […] or it was actually an inside job.”
CoinMarketCap responds
Speaking to Cointelegraph, a CMC spokesperson addressed some of these claims, arguing that at least four of the projects identified by SaTT have yet to distribute rewards, meaning it would be “impossible” for them to have faced “malicious” activity.
It also noted that while three projects, including SaTT, AgeOfGods and TokenBot have spoken to the CMC team about their concerns, it has not received any communications from other projects about the alleged issues.
The spokesperson however acknowledged that “bots are an issue that touches nearly every industry.”
“The industry has been facing this issue among airdrop programs for some time and the reality is that not a single industry has been able to solve the bot issue entirely.”
“We are continuously working to improve our systems and services to limit this issue and will work closely with these projects to find solutions and help resolve any current issues,” the spokesperson added.
Related: Crypto’s recovery requires more aggressive solutions to fraud
CMC added that any claims of bot participation in its airdrops are taken “very seriously” and itis “working on resolving each case individually.”
It also shared several features it has employed to deter bot participation, such as a CAPTCHA challenge and email verification requirements for participants. It’s also developing a two-factor authentication integration.
Cointelegraph contacted TopGoal and OwlDAO for comment but did not receive a response at the time of publicati. AgeofGods could not be reached for comment.