Apriori, a trading infrastructure startup backed by Binance founder Changpeng Zhao’s venture arm, is facing scrutiny after blockchain data revealed that thousands of newly created wallets secretly claimed most of its token airdrop. On October 23, Apriori distributed its APR token across Ethereum and BNB Chain as part of a “Genesis Airdrop” meant to reward early contributors, testnet users, and NFT holders from partner communities such as MadLads and Moonbirds. However, blockchain analysis reviewed by investigators shows that roughly 80% of the tokens on BNB Chain were claimed by more than 5,800 wallets linked to a single clustered group. The pattern suggests an organized Sybil attack , a tactic where airdrop hunters deploy thousands of wallets to claim rewards multiple times. Inside Job or Coincidence? Wallet Patterns Cast Doubt on Apriori’s Airdrop Fairness According to On-chain data, the cluster of wallets was created and funded days before Apriori publicly announced that its token would be claimable on BNB Chain, raising questions about whether inside information may have been used. ⌘ Apriori: What Happened Behind the Scenes [click to read better] When I heard about what happened with @aPriori , I decided to collect some data and today, I finally finished the analysis. You can find the links to the .csv and .xlsx files in the comment section. In this… pic.twitter.com/1xicRUycQb — NAGI (MON to $1) (@Nagiiiiseishiro) October 24, 2025 Between October 19 and 20, these wallets were each funded with small amounts of BNB from just 13 addresses, enough to execute airdrop claim transactions. Those 13 wallets, which funneled the funds, remain unidentified. Analysts who reviewed the data said the activity occurred before the eligibility criteria were published on October 22, suggesting prior knowledge of the airdrop’s network and timing. Further analysis of the top 200 APR holders found that nearly all were newly created between October 5 and 6, had no meaningful trading history, and engaged in little to no on-chain activity beyond receiving the token. Only three wallets among the top holders appeared to belong to genuine users with prior transactions and NFT activity. The rest showed almost identical trading behavior and transaction patterns, indicating automated control or coordination. Apriori and its founder, Ray Song, did not respond to multiple requests for comment. Apriori’s investors include YZi Labs (formerly Binance Labs), HashKey Capital, Pantera Capital, and Primitive Ventures. aPriori is excited to announce a $20M fundraise, bringing our total funding to $30M. We’re building the intelligent order flow coordination layer so traders, liquidity providers, and validators win together. Thank you to our investors and community. pic.twitter.com/s1Ur1irMQl — aPriori ⌘ (@aPriori) August 28, 2025 The startup, developed by former engineers from Jump Trading, Coinbase, and Citadel Securities, raised $30 million to build an “execution layer” for on-chain crypto markets, using high-frequency trading strategies to improve efficiency and reduce the effects of maximal extractable value. Source: CoinGecko The APR token, which debuted at a $93 million market capitalization, has fallen more than 60% since its all-time high of $0.7396 on launch day, according to CoinGecko data. As of publication, the token trades at less than half its debut value. Apriori Airdrop Scandal Adds to Growing List of Sybil Attacks The episode has raised questions about whether the airdrop was compromised internally or manipulated through insider knowledge. Critics within the Monad community, where Apriori was initially expected to launch its token, have expressed frustration, accusing the project of betraying its supporters and damaging trust ahead of Monad’s anticipated mainnet debut. The incident echoes a growing list of Sybil-style airdrop scandals across the crypto sector. In September, decentralized exchange MYX Finance faced similar accusations when 100 wallets allegedly tied to its team claimed $170 million worth of MYX tokens. @bubblemaps ties $MYX creator wallets to an alleged $170M Sybil attack during the @MYX_Finance airdrop. #Airdrop #MYX #cryptoscam https://t.co/6GF4OH0KGn — Cryptonews.com (@cryptonews) September 11, 2025 Last year, zkSync and Solana-based Io.net suffered large-scale Sybil exploits , with attackers using automated wallets and fake GPU reports to claim millions in rewards. LayerZero Labs also blacklisted hundreds of thousands of suspected Sybil addresses last year in an effort to protect its token distribution. LayerZero Labs has identified 800,000 addresses as potential sybil addresses, rendering them ineligible for the full token allocation. #LayerZero #Airdrop https://t.co/ZnYJbcOIeD — Cryptonews.com (@cryptonews) May 20, 2024 Such tactics remain difficult to detect and prevent. Analysts warn that such Sybil attacks have become a recurring issue in the industry, eroding trust in token distribution events. The post CZ-Backed Apriori Airdrop Under Fire as Wallets Made in Secret Claim 80% of Tokens appeared first on Cryptonews .
