PeckShieldAlert reports $25M Ethereum MEV Exploit

PeckShield, a blockchain security analytics firm, has reported a concerning incident involving sandwich-focused MEV bots on the Ethereum network. The incident has raised questions about the security of decentralized exchanges (DEXs). The bundles, designed to execute reverse swaps and take profits, were found to be broken, resulting in back-run transactions being reverted. This has sparked a debate about the responsible party for the exploit.

🚨🚨🚨 #MEV The interesting bundles from sandwich-focused MEV bots on https://t.co/4AYDU3xkN3 seems broken. The backrun txs, which are supposed to do the reverse swap and take profits, were reverted!

Our analysis shows that the victim txs were replaced by the bot-exploiting… https://t.co/pMOkKpVM8v
— PeckShield Inc. (@peckshield) April 3, 2023

A thorough analysis has discovered that transactions utilizing MEV bots have replaced victim transactions that had already executed a reverse swap to secure profits. This development has sparked concerns regarding the potential hazards of employing MEV bots on DEXs and highlights the necessity for more resilient security protocols to avert such occurrences.

Trump Backs Crypto at Bitcoin Conf; Ethereum Eyes $4454 in 2024

SEC Approves First U.S. Ethereum ETFs; Trading Begins

Upon conducting a more in-depth examination of the recent exploit, it has come to light that the majority of the pilfered funds are concentrated in three specific addresses: 0x3c98…8eb (totaling $20M), 0x5b04…5b6 (amounting to $2.3M), and 0x27bf…f69 (approximately $3M). Intriguingly, it has also been uncovered that Kucoin, a centralized cryptocurrency exchange, was the initial funding source for eight addresses implicated in the breach.

#PeckShieldAlert The stolen funds (~25M) are mainly located in 3 addresses, 0x3c98…8eb (~20M), 0x5b04…5b6 (~2.3M) and 0x27bf…f69 (~3M)
0x84cB…8D1, 0x88Fd…7EE, 0x94e0…87C, 0x0429…46C, 0xEafc…D1B, 0xCaCE…975, 0x5b04…5b6 and 0x27bf…f69 these 8 addresses were… https://t.co/7g60VX8ica pic.twitter.com/7oFwYSVoyn
— PeckShieldAlert (@PeckShieldAlert) April 3, 2023

Per the insights shared by Punk #3155, a seasoned Smart Contract developer and Twitter user, the recent exploit has caused a staggering loss of approximately $25 million. The incident has sparked concerns about a possible involvement of a rogue validator, given that Aztec had funded the proposer of the exploit. Punk #3155 believes that this occurrence could mark a crucial juncture for the entire MEV ecosystem, and it seems to be a meticulously orchestrated attack.

Upon conducting a more in-depth analysis of the exploit, it has come to light that the individual responsible for the breach had only recently become a validator 18 days prior. Additionally, the tokens in question were prepared a mere 16 days ago. As the developer has pointed out, thoroughly examining all pertinent details is necessary to comprehend this incident’s scope fully.

Tags: Ethereum