- A Solana’s MEV sandwich bot is reported to have amassed approximately $30 million in just two months with three wallet addresses exposed by MRGN Research’s Ben Coverston.
- The first wallet address is reported to contain cryptos worth $19 million with the second address containing $9.9 million.
The villainous maximal extractible value (MEV) sandwich bot (arsc) is reported to have accumulated a whooping sum of $30 million in the last two months. According to the founder of crypto firm MRGN Research Ben Coverston, one of the largest bot wallet addresses used for cold storage is “9973h…zyWp6.”
Fascinatingly, it managed to go through a great length to accumulate these funds without any hint.
It is quite inactive and, judging by its behaviour, is almost certainly a locked-down, cold wallet.
More Discovery by a Solana Explorer Platform
A Solana explorer site SolanaFM discloses that the exposed wallet addresses hold $19 million with Solana tokens alone making up $17 million of the total and Circle’s USD Coin making up of $1.1 million. In addition to these, a small amount of wrapped-SOL (wSOL), Cringe Coin (CRINGE), and Kabosu (KAB) are also held in the wallet.
Another wallet address – “Ai4zq…VXKKT,” said to have been actively used in this scheme reportedly holds $9.9 million in non-Solana tokens. According to Coverston, the attackers gradually convert SOL into USDC using Jupiter’s Dollar Cost Average (JUP DCA) while holding a significant position in Kamino and various Liquid Staking Tokens (LSTs).
The third wallet address identified by Coverston is “BCbrp…vi58q”. Per his observation, this is arsc’s “main SOL bank” since it uses dozens of different signers and tippers to stage the sandwich attack. In total, the three wallets hold $29.8 million.
It seems they don’t enjoy the attention, as they’ve recently gone to great lengths to hide their activities and profits.
According to our research, Sandwich attacks have been actively employed in the crypto industry for years with MEVBlocker data disclosing that more than $1.38 billion was wiped from Ethereum users on or before April 2023. In July 2023, a blackhat risked 50 ETH (about $96,000 at that time) to make a profit of 472 ETH ($890,000).
Our Research on How Attackers Use MEV
Miner Extractable Value or Maximal Extractable Value (MEV) enables a miner to exclude, include, and order a transaction in the blockchain before the block gets mined. Interestingly, attackers have managed to exploit this using a sandwich attack by frontrunning and backrunning the victim’s swap transaction.
According to our investigation, attackers monitor the mempool or list of pending transactions they want to exploit, then submit two transactions once they identify the target. Specifically, one is submitted before and one after, surrounding the target “like bread in a sandwich.” The two transactions are submitted with lower and higher gas fees than that of the victim to execute the attack. Alternatively, attackers may also submit a transaction bundle using specialized RPC providers to guarantee the ordering of transactions for a fee.
Amid the backdrop of this, Solana (SOL) makes a 0.93% surge in the last 24 hours, trading at $145. However, the asset has declined by 8% in the last seven days according to Crypto News Flash data.
Recommended for you:
This article is provided for informational purposes only and is not intended as investment advice. The content does not constitute a recommendation to buy, sell, or hold any securities or financial instruments. Readers should conduct their own research and consult with financial advisors before making investment decisions. The information presented may not be current and could become outdated.
John is a seasoned cryptocurrency and blockchain writer and researcher, boasting an extensive track record of years immersed in the ever-evolving digital frontier. With a profound interest in the dynamic landscape of emerging startups, tokens, and the intricate interplay of demand and supply within the crypto realm, John brings a wealth of knowledge to the table. His academic background is marked by a Bachelor’s degree in Geography and Economics, a unique blend that has equipped him with a multifaceted perspective. This diverse educational foundation allows John to dissect the geographical and economic factors influencing the cryptocurrency market, offering insights that go beyond the surface. John’s dedication to the crypto and blockchain space is not merely professional but also personal, as he possesses a genuine passion for the technologies that underpin this revolutionary industry. With his astute research skills and commitment to staying at the forefront of industry trends, John is a trusted voice in the world of cryptocurrencies, helping readers navigate the complex and rapidly changing terrain of digital assets and blockchain innovation. John Kiguru is an accomplished editor with a strong affinity for all things blockchain and crypto. Leveraging his editorial expertise, he brings clarity and coherence to complex topics within the decentralized technology sphere. With a meticulous approach, John refines and enhances content, ensuring that each piece resonates with the audience. John earned his Bachelor’s degree in Business, Management, Marketing, and Related Support Services from the University of Nairobi. His academic background enriches his ability to grasp and communicate intricate concepts within the blockchain and cryptocurrency space. Business Email: info@crypto-news-flash.com Phone: +49 160 92211628