For example, an attacker might connect 100,000 IP addresses to the IRC bootstrap channel. You would then be very likely to connect only to attacker nodes.
AFAIA the IRC bootstrap is no longer used so I still don't see how this could happen (unless the victim was running an old version of the client).
a lot of nodes connected almost exclusively to them, so they got all the notifications and forwarded them.
so it looked like all blocks came from them.