A large Ethereum MEV bot was targeted in a sandwich attack on Sunday, netting an attacking validator roughly $25 million in funds.
A sandwich attack is when an attacker places a large trade on either side of a target’s transaction, manipulating the price and profiting from the price change.
In this case, the money was taken from maximal extractable value (MEV) bots – bots focused on rearranging transactions within a block to maximize the profits it generates for validators.
At Ethereum block 16964664 on Sunday, 8 separate blockchain addresses executed 8 sandwich attacks involving 3 transactions each, for a total of 24 transactions. This series of transactions appeared to deliberately steal funds from an MEV bot attempting to front-run the block and gain more value.
The attacking validator was able to back-run the MEV bot’s original back-run transaction with a new back-run transaction, thus canceling the initial back-run transaction of the MEV bot.
Data from blockchain security group PeckShield shows that the attacker transferred their profits to a separate blockchain address, which now holds roughly $20 million in funds. That includes $13.4 million in WETH, $3 million USDT, $1.8 million WBTC, and $1.7 million DAI.
The attacker had been planning this attack for half a month. According to DeFi analysis platform EigenPhi, “the attacker “had completed eight purchases starting on March 17th, buying STG, AAVE, CRV, BIT, MKR, UNI, and other tokens with 0.07 ETH each.”
The validator of the targeted block went offline after epoch 191813. It will be able to withdraw its staked ETH when the Ethereum Shapella upgrade goes live next month.
The post How MEV Bots Lost a Whopping $20M in a Sandwich Attack appeared first on CryptoPotato.