Verifier Steals Millions From MEV Bots

Share This Post

As Ethereum (ETH) prepares for its highly-anticipated upgrade, now known as “Shapella,” the network has faced a new challenge in the form of malicious attacks on Miner Extractable Value (MEV) bots transactions. A network validator conducted the attack. 

These aggressions have been carried out by a verifier who has invalidated legitimate transactions and replaced them with their own, resulting in significant losses for MEV bot owners. According to the report, an estimate of over $25 million as of this writing.

How This Attacker Breached Ethereum’s Network?

According to journalist Colin Wu, the attacker has been operating as a validator for 18 days and targeting a select few “top” MEV bots on the Ethereum network. The attacker has reportedly focused on pools with “low” liquidity, using MEV bots to exploit arbitrage opportunities and generate profits across decentralized finance (DeFi) protocols like Uniswap. 

Per Beosin Alert, a researcher of blockchain projects on the crypto market, the perpetrator started by sending a transaction to a liquidity pool with a small amount of 0.04 WETH (a synthetic form of Ethereum’s native cryptocurrency) to see if the MEV Bot would “front-run” the transaction, referring to the practice of placing a transaction ahead of someone else’s to take advantage of the price difference. 

If the MEV Bot monitors the pool and detects the hacker’s transaction, it will use its available funds to execute an arbitrage trade. Arbitrage is a trading strategy involving buying an asset on one market and selling it to another at a higher price to make a profit. 

In this case, while the MEV bot uses its funds to buy the asset from the pool at a lower price and sell it on another market at a higher price, the hacker is essentially using the MEV bot’s monitoring capabilities and liquidity to carry out profitable trades and exploit the pool’s low liquidity. 

Ethereum’s attacker transactions. Source: Beosis Alert on Twitter.

Additionally, according to Beosis, the attacker starts by exchanging many tokens in the binary smart contract system, Uniswap V3, then swapping these tokens in a low liquidity V2 pool to create an arbitrage opportunity.

As a result of the attack, the MEV bot’s attempts to swap the WETH back to its original account are unsuccessful because the WETH is no longer available. In other words, the attacker has successfully stolen the bot’s funds, leaving the bot at a loss, according to Beosis. 

Will Ethereum’s Shapella Upgrade Face Delays Due To Recent Attacks?

Validators play a crucial role in creating new blocks on the blockchain by participating in the consensus process. In the Ethereum Network, the consensus process is based on a proof-of-stake (PoS) algorithm, which means that validators stake their funds in ETH as collateral to guarantee their commitment to the network. 

Validators are rewarded with ETH for their work. Still, they can also be penalized for malicious or fraudulent activity, such as the ongoing attack on the MEV bot.

The recent attack on the Ethereum network has exposed vulnerabilities that raise concerns about the network’s security and stability. These issues could delay the planned upgrade and require the core development team to address them before proceeding.

However, Ethereum’s core developer team has not received official responses regarding plans to address these vulnerabilities and prevent future attacks.

By implementing stronger security measures, monitoring the Ethereum network for suspicious activity, and creating a more robust validation process, it may be possible to prevent a similar attack on Ethereum’s MEV bots and improve the overall security and stability of the network. 

ETH with sideways price action on the 1-day chart. Source: ETHUSDT on

Featured image from Unsplash, chart from


Related Posts