In the crypto world, hacks and exploits are becoming more common. Criminality is also growing with the global acceptance of digital assets. To hack into protocols and other platforms, criminals have become more adept at using technological methods. These exploits can be achieved by exploiting a small and insignificant loophole.
MEV bot (an Ethereum arbitrage trading robot) amassed $1 million in jackpot prizes. Its joy was fleeting as the events of that day proved to be a setback. The hacker took away the enormous value before anyone could properly reflect on it.
MEV Bot’s Crypto Gains Came Through Arbitrage Trading Opportunity
Robert Miller is an employee at Flashbots. He took to Twitter in order to reportIt was a successful attack. The Maximal Extractable Value (MEV bot) with prefix 0xbadc0de had earned Ether via arbitrage trades. According to him, the bot earned 800 ETH in just a few months. This is about one million.
The bot leveraged a considerable arbitrage opportunity from trader sales from Miller’s explanation. A transaction involving $1.8 million was made via Uniswap v2, a Decentralized Exchange (DEX) and involved approximately $1.8 million. Only 500 assets were returned from the trading. After recognizing the benefit, the bot used its available resources to quickly earn huge profits.
But the bot’s gain could not stay much longer when a hacker discovered a vulnerability in its lousy code. This was used by the hacker to fool it into authorizing transaction authorization. The hacker wiped the bot’s balance, about 1,101 ETH.
PeckShield, a blockchain security company, revealed that the bug is traceable to the bot’s callback routine. This was the key to the exploit, which allowed the hacker to spend at an unspecified address.
Similar Attack on Vulnerability
Cryptospace is seeing an explosion in vulnerability attacks. Profanity, an Ethereum vanity-address generator, discovered a vulnerability on September 18. It resulted with $3.3million in funds being stolen from other wallets.
1Inch Network was a DEX-aggregator that investigated the exploit. DEX identified some issues in creating the compromised wallets. Due to the danger associated with using compromised wallets, the DEX advised users that they should move their money.
A week later, another attack was discovered on the vanity address of a wallet. Some Ether worth approximately $1 million was lost in this attack. They transferred their funds to Tornado cash (a crypto-mixer that was just sanctioned).
Pixabay's Featured Image, Chart: TradingView.com