Players who use the ADSPOWER browser support airdrop hunters. This time it was stolen using only one person to control multiple addresses! Highly recommended to make them witches!
Guys, I want to add my thoughts: these people have lost money and their account farming setups, but they cling to the hope that hackers no longer have access to their wallets and that they’ll still receive the Linea drop. I’ve analyzed the chats, and they’re calling for users of the browser to be “white-listed,” telling tearful stories about how they’ve been in the ecosystem for a long time, that they’re early adopters, and that they have monthly transactions, and so on.
The truth is, they really do have all of that - but across hundreds of accounts they farmed daily in hopes of securing the drop and immediately dumping the tokens after the listing.
They’re trying to appeal to the idea that it’s “just a browser” and can supposedly be used for different purposes.
!!!
But the reality is that the wallets of people who used a plugin for mass-installing MetaMask in this browser were hacked. This means that if someone wanted to create 100 accounts, they could install 100 extensions in 100 browser sessions with just one click.
!!!
No sane person would use this paid browser, with its monthly subscription and multi-account creation functionality, for their personal wallet. This is blatant, disgusting dishonesty. They will try to feed you this narrative and manipulate you - PLEASE DO NOT FALL FOR IT. This tool was specifically designed to bypass identification systems and create mass accounts, and it has been compromised, losing all trust.
So, there are two outcomes here:
- The tokens from these wallets will be stolen by hackers after the airdrop.
- The tokens will be claimed by scammers and abusers.
The chance that these wallets will hold the tokens without dumping? Zero.
The chance that anyone using these wallets will participate in governance? Zero.
LINEA TEAM, please do not make a mistake and play into the lies of these scammers. This is a very serious issue, and it’s a golden opportunity to remove wallets that are extremely difficult to identify from the distribution.
20 Likes
@dfox please note, this is very important! Also this can be an additional base for training Nansen in finding sybils. This would be a huge achievement for Linea.
8 Likes
These guys will now do anything, any lie and trick, to recoup the costs of their lost farms.
Linea, please send them to Valhalla for us, for your community!
7 Likes
They are all Sybils, no doubt about it. Don’t even entertain the possibility that these people might plant ideas in your head from their fake accounts. In addition to having multiple wallets, they also have numerous social accounts, making them capable of manipulating opinions.
Every user utilizing this software and farming drops is a Sybil. No doubts and no exceptions. Don’t let them whitewash themselves.
Also, share this database with Nansen so they can identify accounts similar to these.
I analyzed the Adspower chats and concluded that not all abuser wallets were compromised, only a portion of them. However, they are usually very similar - the patterns are the same. You can improve the distribution by removing these accounts from it.
Please take this seriously!
9 Likes
Linea, please don’t miss this opportunity to improve your distribution!
9 Likes
Wow, thanks for the information provided sir! Even a quick look at the wallets that interacted with the wallet thieves shows obvious patterns and similar wallets with similar actions and balances
I agree with this.
I did some digging and I can’t see any reason to use this particular browser rather than for sybil purposes solely. If what you really needed was to actually hide identity for privacy/security reasons, there’re many renowned browsers/solutions out there.
And this tool itself is marketed for this very purpose.
You chose to play with the system in the hopes that you would not be caught. You very well knew the risks of this and that it’s jail if caught, and yet took it hoping you can steal what belongs to real community members while hiding behind fake IPs.
I feel bad for those who lost funds, But It is what it is. Intentions were bad, and what goes around comes around. Therefore I don’t see why you should be allowed to receive rewards by any mean, And leaving this as is would be against the project & community’s interests, resulting in a mass sell off by the hackers at TGE. This is my position.
Anyway, It’s up to @dfox and the team to make the final call.
PS: This is not about being hacked, in which case I would’ve advocated for a way around this. But you’ve been caught red handed.
10 Likes
@dfox The token to be given to these people will completely damage the project and the community.
7 Likes
My apologies. I was mistaken about the hack being on a defi app/browser and not a browser enabling multiaccounts.
I think it would be a crime to pass by this. Linea team, please give a reaction to this situation, it is very important for all of us that you notice this 
I didn’t review all hacked wallet from Ads browser, but considering 10k hacked account review,
I was very surprised how Nansen detected sybils well.
More than 90% of sybils have been detected and POH was removed.
Congrat Nansen! Your team is really professional!
PS. I am not claiming that all people used Ads browser is sybils. Anyone can use other browsers. However, regardless of they are sybil or not, known hacked wallets must be removed from sybil lists.
Ads Browser is primarily used by sybils and industrial farmers with the intention of airdrop farming with 1000s of wallets and dump token during TGE.
2 Likes
This is not “just another browser”! This is specifically a browser for Sybil farming. Stop sugarcoating it and start calling things by their names. When furniture is being taken out of your boss’s office, you address the cause instead of pondering who’s doing it and why they’re using tools for mass wallet installations in browser sessions, plugins for spoofing IPs and browser fingerprints, and so on.
Read the messages above carefully. The breach happened via a plugin for mass MetaMask installations in browser sessions. What’s unclear here? THESE ARE MASS ACCOUNTS.
1 Like
It is obvious that these addresses should not be included in the distribution, but even better should become the basis for expanding the Nansen sybil list
1 Like
Horrible! Has the Linea team made any official statement about this yet?
It’s good that such truth was revealed before TGE. I have no doubt that the team will pay attention to this.
I spent an hour analyzing the wallets that sent funds to the addresses mentioned above and came to the conclusion that everything written in this thread is absolutely true.
There is a massive number of accounts with similar patterns. Linea should provide this data to the Nansen team.
There is no doubt that these abusers must be excluded
Damn, clean up Linea from these guys!