Excellent question. In the case of Java I2P and of I2P+, the attacker is actually gaming the sybil attack tool in order to trick routers into erroneously banning floodfills.
Basically the attacker has found a way to trick real routers into attempting to connect to fake routers. Normally, this is not harmful, fake routers are just offline routers. Offline forever.
But if you craft your fake router this one specific way then the router you are tricking thinks some real router, which is usually reachable, is offline. That’s how it affects I2P without the sybil tool. The sybil tool, in this case, amplifies the effect of the attack and the duration of the attack, because the real router which is ddos’ed gets banned by the sybil tool.
Edit: I am deliberately leaving out specific details here.