ETH Hackers Exploit Arbitrage Opportunities with MEV Bots to Make $25M!

As Ethereum (ETH) gets ready for its much-anticipated upgrade, which is now being referred to as “Shapella,” the network has come up against a new obstacle in the type of malicious threats on Miner Extractable Value (MEV) bots exchanges.

These attacks have caused the network to face new difficulties. An attack of this kind was carried out by a network validator.

A verifier has been responsible for these aggressions; they have voided legitimate activities and substituted them with their own, which has resulted in considerable losses for MEV bot owners.

As of when this article was written, an estimate of more than $25 million was included in the report.

The attacker has reportedly been posing as a validator on the Ethereum network for the past 18 days and has been aiming their attacks at a select group of “top” MEV bots, as reported (1) by journalist Colin Wu.

It has been stated that the attacker has concentrated on pools with “low” liquidity, employing MEV bots to take advantage of arbitrage opportunities and earn profits over decentralized finance (DeFi) protocols like Uniswap.

According (2) to Beosin Alert, an analyst of blockchain solutions on the crypto market, the offender started by transferring a payment to a liquidity pool with a tiny portion of 0.04 WETH (a synthetic form of Ethereum’s native cryptocurrency).

The perpetrator wanted to see if the MEV Bot would “front-run” the transaction, which is sending a transaction away of another person’s to take advantage of the price difference.

Suppose the MEV Bot monitors the pool and discovers the hacker’s transaction. In that case, it will use any available funds to carry out an arbitrage trade.

The practice of buying a security on one market and then selling it on another at a higher price to make a profit is known as arbitrage.

The hacker is primarily using the MEV bot’s security measures and cash flow to bring out profitable trades & utilize the pool’s liquidity problems.

While the MEV bot is using its money to purchase the asset from the pool at a lesser price and selling it on another market for a greater price, the hacker is doing this while the MEV bot is using its funds to buy the asset from the pool at a lesser price and selling it on another market for a more expensive price.

In addition, according to Beosis, the attacker initiates the attack by exchanging a large number of tokens in the binary smart contract system called Uniswap V3, followed by exchanging these tokens in a lower cash V2 pool in order to generate an opportunity for arbitrage.

Because of the attack, the MEV bot is unable to successfully move the stolen WETH back to the account where it was originally stored. This is because the WETH in question is no longer available.

According to Beosis, this means that the attacker successfully stole the funds from the bot, which resulted in the bot suffering a loss.

 

Will Recent Attacks Cause Delays in the Shapella Upgrade for Ethereum?

By contributing to the process of reaching a consensus, validators fulfill an essential function in the process of adding new blocks to the blockchain.

Proof-of-stake (PoS) is the algorithm’s name underpinning the process of reaching consensus on the Ethereum Network.

This means that validators are required to put up their own funds in the form of ETH as collateral to demonstrate their dedication to the network.

As a token of appreciation for their efforts, validators receive ETH. Nevertheless, in addition to that, they can be punished for engaging in dishonest or fraudulent behavior, such as the current attack on the MEV bot.

The latest attack on the Ethereum platform has revealed flaws, raising concerns about the network’s stability and safety. These concerns may cause the planned upgrade to be delayed, and it will be necessary for the core project team to address these before moving further.

The core developer team for Ethereum has not, however, received any official responses outlining plans to resolve these flaws and avoid future attacks.

It may be able to block a similar attack on Ethereum’s MEV bots and improve the overall safety and reliability of the system by trying to implement stronger security protocols, tracking the Ethereum network for unusual behavior, and generating a more rigorous validation process.