On Sunday, a sandwich attack was launched on a large Ethereum MEV bot, resulting in roughly $25 million in funds being taken by the attacking validator.
- A sandwich attack occurs when an attacker places a trade on either side of a target’s transaction to manipulate the price and profit from the change in price.
- In this instance, the MEV bot was targeted, which maximizes profits for validators by rearranging transactions within a block.
- During Ethereum block 16964664 on Sunday, eight blockchain addresses executed eight sandwich attacks across three transactions each, stealing funds from the MEV bot trying to front-run the block and gain value.
- By executing a new back-run transaction, the attacking validator was able to cancel the MEV bot’s original back-run transaction.
- According to blockchain security group PeckShield, the attacker transferred their profits to a separate blockchain address holding roughly $20 million in funds, including $13.4 million in WETH, $3 million in USDT, $1.8 million in WBTC, and $1.7 million in DAI.
- The attacker had been planning the attack for two weeks, purchasing STG, AAVE, CRV, BIT, MKR, UNI, and other tokens for 0.07 ETH each, according to DeFi analysis platform EigenPhi.
- The validator of the targeted block went offline after epoch 191813 and will be able to withdraw its staked ETH when the Ethereum Shapella upgrade goes live next month.