Ethereum MEV Bot Gets Attacked for $20M as Validator Strikes Back

One of the major Ethereum MEV (maximal extractable value) bots has been targeted in an attack, apparently by one of the blockchain’s validators, resulting in the loss of almost $20 million.

The attack happened all within one Ethereum block, with blockchain auditor OtterSec saying a validator appeared to force a series of transactions into the block to steal funds the bot had planned to gain by front-running. A validator is responsible for processing transactions and creating new blocks on the blockchain.

“Maximal extractable value refers to the maximum value that can be extracted from block production in excess of the standard block rewards and gas fees by including, excluding, and changing the order of transactions in a block,” according to the Ethereum Foundation.

MEV flashbots use a technique called “sandwich attacks” to steal value from users by sending transactions just before and after a victim sends their own. This is a malicious way of manipulating the underlying price of the asset so that the bot can steal the price difference from the user.

In this case, OtterSec added that the validator responsible for causing the attack had funded their wallet more than two weeks ago from privacy layer Aztec Network, suggesting that it was a planned attack.

Blockchain sleuth Peckshield revealed that the $20 million in stolen funds are currently sat across three wallets, with eight linked addresses being originally funded from Kucoin.

DISCLOSURE