Validator Strikes Back as Ethereum Bot Loses $20M in Cyber Attack

Key takeaways:

• One of the blockchain’s validators attacked one of the main Ethereum MEV algorithms, which resulted in a loss of almost $20 million.
• Since September 2022, this has been one of the largest MEV bot attacks that they have come across.

According to reports, one of the blockchain’s validators attacked one of the main Ethereum MEV algorithms, which resulted in a loss of almost $20 million.

The term “maximal extractable value,” or MEV, refers to a strategy used by transaction validators to attempt to increase their profits by including, excluding, or rearranging the order of transactions in a block.

The entire assault took place inside of a single Ethereum block, according to blockchain auditor OtterSec, who also claimed that a validator appeared to force several transactions into the block in order to steal money that the bot intended to gain by front-running. It is the role of the validator to process deals and add new blocks to the blockchain, which are the duties of the validator.

According to a tweet from former Ethereum Foundation member Hudson Jameson, the assault has the potential to change the MEV ecosystem because MEV extractors will be left wondering “which Ethereum validators are malicious.”

By sending transactions immediately before and after a victim transmits their own, MEV flash bots use a tactic known as “sandwich attacks” to steal money from users. This is a cunning method to change the asset’s base price so that the bot can take the user’s money for the difference in price. Since September 2022, this has been one of the largest MEV bot attacks that they have come across.

The incident was first reported on Twitter by smart contract developer “3155.eth,” and PeckShield later found the stolen funds at three Ethereum addresses that were combined from eight other addresses. The creator of the main MEV program used on Ethereum, known as MEV-Boost, Flashbots, has reacted with a fix to stop similar incidents from happening in the future.

The malicious validator who drained the MEV bots this morning has been slashed by the protocol in this block:https://t.co/Q2fA6dByzg pic.twitter.com/BbQKkTRUF2

— terence.eth (@terencechain) April 3, 2023

The team has added a feature that tells relayers, a reliable middleman between block creators and validators, to publish a signed block before sending its contents to a proposer, a move that was not previously present. With this action, we hope to lessen the possibility that a malicious proposer within MEV-Boost will propose a block that differs from the one they got from a relay.