Aaron Network
Back to blog
5 min read
How the Russian Community Attacked Xion

How the Russian Community Attacked Xion

Previously, we shared our story about how the validator Posthuman attacked our project after we identified and excluded thousands of addresses owned by a small number of individuals from our airdrop. The purpose of such addresses is to manipulate airdrops to obtain larger rewards.

The Attack on Xion

We will show how the Xion project was attacked. The attack originated from a Russian chat group called “Chitter in Cosmos”. This group called on its participants to attack the project’s Twitter account. The goal of the attack was to force the project to distribute the airdrop to members of the Cosmos ecosystem. However, we suspect that this was also motivated by simple revenge.

We found a message from the admin expressing dissatisfaction that the project did not reward him for participating in the testnet.

1

XION plans TGE and listings on December 5th at 10:00 UTC.

💰 It’s a bit too hard to give out the drop to everyone and forget about Atom stakers. There’s EVM, Solana, Berachain, Monad, and a bunch of other projects that I’ve never heard of.

🏆 But they shaved off their own users - testers! They seem to be built on the Cosmos SDK using IBC, but other communities decided to reward them.

🏁 I wouldn’t be surprised if Cliff and vesting are also on the drop. Another project from the category - break a glass and forget! Share in the comments who got how much for what activities? How many coins did you add after filling out the form?

Afterward, calls to attack the project on Twitter were published in both Telegram and the admin’s Twitter account. We will not publish the insults posted by the members of the community.

1

🚀 Let the Cosmos ecosystem know its “heroes” 😁. Let’s try to make some noise on Twitter. Maybe they’ll notice us and draw conclusions.

1

Pay attention to the Twitter username. We managed to find this person on the PostHuman website in the list of active community members. It is he who is the organizer of this attack.

1

Profile of the Attacking Community

This community has been described to us as a group of school-aged individuals. Its participants are young and inexperienced members of the Cosmos ecosystem. The group is organized by a person from Ukraine. We are also aware that this community does not hold much authority among Russian-speaking participants.

The greatest authority, we would say almost unconditional, lies with the validator Posthuman. While we are not claiming that Posthuman organized this attack, take a look at the screenshots below.

Possible Connections to Posthuman

Two days after the attack, its organizer wrote some kind words about the validator Posthuman. On the same day, the validator reposted this post.

1

🚀 Posthuman is a public, highly respected cool validator and Human! Has a cool reputation, team, cool community, educational channel and many projects that can be called in one word - Posthuman. The team constantly participates in crypto events of the world scale. Has been publicly active for more than 3 years. I admire and always recommend to everyone.

✅ And when a no-name offers you virtual numbers - are you ready to change your shoes? I’d rather underearn or lose with a smart one than earn with a stupid one.

🏁 I don’t see the point in discussing the current situation in chats. Those who have money and technology - give out drops unexpectedly and silently. Those who don’t have money or technology - look for dirty marketing, dictate unrealistic conditions, shave and as a result give out three kopecks.

🏆 There are many drops ahead, enough for all of us! Success is inevitable! But in pursuit of drops, let’s still remain people with people and for people!

1

Validator Posthuman is not the organizer of the attack, but their inaction demonstrates a certain level of loyalty or indifference to these events. This undermines their reputation and creates grounds for accusations of involvement.

Recommendations for Posthuman

To maintain their reputation, Posthuman could have:

  1. Openly condemned such attacks, emphasizing the harm they cause to the ecosystem.
  2. Demonstrated that they do not support manipulations or destructive actions.

It has been several days since the attack, yet no condemnation from the validator has followed.

At the moment, the organizer of the attack is distributing information that the project has distributed tokens to a close circle of people.

1

In my opinion, this project was not made by UserFriendlyConnect in order to get more addresses of the team and close people

The Bigger Picture

The Xion Project has a massive community that is incomparable in size to the attacking groups. This attack is akin to a mosquito bite on the rear of a heavyweight boxing champion. Most likely, this bite went entirely unnoticed.

However, such behavior is destructive, harms the entire community, and must be addressed!