Last Updated on April 3, 2023 by Bitfinsider
A group of blockchain bots using the maximal extractable value (MEV) method to produce income suffered a loss of over $25 million as a result of a sophisticated exploit.
MEV bots function like high frequency traders on the network. They concentrate on utilizing speed and the intricate workings of blockchains to seize arbitrage chances. But in order to do so, they frequently have to take a significant financial risk. (in order to manipulate prices to sufficient levels).
On April 3, an attacker took advantage of some of these MEV bots by replacing their normal transactions with malicious ones, leading to the theft of their money. The assailant significantly damaged the MEV bots as a result.
Wintermute’s decentralized finance trader Joseph Plaza said that the exploiter probably created “bait” deals to entice the MEV bots. The attacker then switched out the original transactions that were used as bait for them with new, malicious ones, enabling them to steal the money. The attacker made a 32 ETH deposit to become a validator 18 days before the assault in order to get ready for it.
Plaza added that the attack probably happened right when it was the attacker’s time to suggest a block as a validator. Then, in order to deplete assets, they rearranged the block’s contents and produced a new one that contained their malicious transactions.
The incident was first reported on Twitter by smart contract developer “3155.eth,” and PeckShield later found the stolen funds at three Ethereum addresses that were combined from eight other addresses.
The creator of the main MEV program used on Ethereum, called MEV-Boost, Flashbots, has reacted with a fix to stop similar incidents from happening in the future.
The team has added a feature that tells relayers, who act as a trusted middleman between block creators and validators, to publish a signed block before sending its contents to a proposer, a stage that was previously missing. By taking this step, the chance that a malicious proposer within MEV-Boost will submit a block that differs from the one they received from a relay is reduced.
Hardware wallets are safe and secure devices that can be used offline. They keep your cryptocurrency offline, making it impossible for you to be hacked. To find out more on the leading hardware wallets, you may view our reviews here: Ledger & Trezor
Disclaimer: The views and opinions expressed by the author, or any people mentioned in this article, are for informational purposes only, and they do not constitute financial, investment, legal, tax or other advice. Investing in or trading cryptocurrency or stocks comes with a risk of financial loss.