A group of blockchain bots running maximal extractable value (MEV) transactions suffered a significant loss of over $25 million in a recent sophisticated exploit on the Ethereum blockchain. MEV bots work like high frequency traders on blockchains, but they often have to put large amounts of money at risk to manipulate prices to sufficient levels. In this attack, the perpetrator replaced the normal transactions of the bots with malicious ones, causing them to lose money.
Baiting MEV Bots
Decentralized finance trader at Wintermute, Joseph Plaza, explained that the attacker likely set “bait” transactions to lure the MEV bots. Once lured, the attacker replaced the initial baiting transactions with new, malicious ones, enabling them to steal the funds. The perpetrator deposited 32 ETH to become a validator 18 days before the incident, probably waiting until their turn to propose a block to carry out the attack. They then reorganized the contents of the block and created a new one containing their malicious transactions to drain assets.
Also Read: 3Commas API’s have been leaked by an anonymous Twitter user
Preventing Future Incidents
The incident was initially revealed on Twitter by smart contract developer “3155.eth,” and stolen assets were traced to three Ethereum addresses consolidated from eight other addresses by PeckShield. Flashbots, the developer of the primary MEV software used on Ethereum, MEV-Boost, has responded with a fix to prevent such incidents from happening in the future. The team has introduced a feature that instructs relayers to publish a signed block before transmitting its contents to a proposer, aiming to decrease the likelihood of a malicious proposer within MEV-Boost proposing a block that deviates from what they received from a relay.
Following the attack, the Ethereum community has called for better security measures to protect against similar incidents. However, such incidents are not uncommon, and several other attacks have been carried out on Ethereum in the past, including the 2016 DAO hack and the 2017 Parity wallet breach. As the use of blockchain technology continues to grow, the importance of implementing robust security measures to protect users’ funds will only increase.
