How a Sophisticated Maximum Extractable Value (MEV) Sandwich Attack Drained a Crypto Investor's USD Coin (USDC) Balance

In a matter of eight seconds, their USD Coin (USDC) balance was drained to just $5,271 in Tether (USDT) as a bot front-ran the trade, earning more than $215,500 in profits.

A crypto investor fell victim to a sophisticated Maximum Extractable Value (MEV) sandwich attack when attempting to execute a $220,764 stablecoin swap on Uniswap v3. Within eight seconds, their USD Coin (USDC) balance was drained to just $5,271 in Tether (USDT) as a bot front-ran the trade, amassing over $215,500 in profits.

Highlighting the incident on X, DeFi Researcher 'DeFiac' noted that the stablecoin swap was executed at 2:33:30 pm on March 12, aiming to convert $220,764 USDC to USDT in the Uniswap v3 USDC-USDT stablecoin liquidity pool.

The post highlighted that the pool had around $19.8 million locked and no trades had occurred for about seven minutes. Moreover, the trader set a 0.1% slippage cap, which is quite low, especially for a large trade.

MEV bots typically prefer large trades with high slippage, rendering them optimal targets for such attacks. In this case, the bot performed a traditional front-running maneuver by quickly withdrawing all the available USDC liquidity from the pool before the trader's swap could be executed.

Afterward, the bot immediately replenished the pool, enabling the trader's order to be fulfilled at an inflated price and the bot to realize a huge arbitrage profit.

According to The DeFi Report founder Michael Nadeau, the attacker also tipped Ethereum block builder "bob-the-builder.eth" a staggering $200,000 for successfully including the trades in the block, leaving themselves with an $8,000 profit from the entire exploit.

Is anyone safe using DeFi?A user on @Uniswap v3 was just sandwich attacked out of $216k while simply trying to swap $217k USDC to USDT.

Mind you, this was a pool that had over $35m of USDC and USDT in it. This is insane.

How did it happen? An MEV bot front-ran the tx by… pic.twitter.com/cyzu4M6qfz

— DeFiac (@DeFiac_) March 13, 2024

Pointing out that the same trader, most probably operating through several wallets, has been repeatedly targeted, DeFiac, using internal tools, claims that the trader was hit by at least six such sandwich attacks, all the funds having come from Aave's lending platform before being sent through Uniswap.

Tx hashes: pic.twitter.com/krG2kfZjto

— DeFiac (@DeFiac_) March 13, 2024Further investigations by crypto analysts verified that two more wallets were performing sandwiching on March 12 in nearly the same category of trades. Wallets "0xDDe…42a6D" and "0x999…1D215" lost $138,838 and $128,003, respectively, in trades made in minutes following the $220,764 exchange.

These transactions, clocking in at an average of $364,000, were part of a money laundering scheme rather than simple trading blunders, some crypto analysts believe.

if you do happen to have illicit funds, you might build a highly MEV-conducive transaction, secretly forward it to an MEV bot, and allow them to arbitrage it in a bundle, said 0xngmi, DeFiLlama founder, adding that this would essentially "wash" crypto with little loss.

suggesting that the victims could have used private mempools to prevent the trades from being front-run, and set slippage caps more tightly to prevent price manipulation. He also advised trading through MEV-protected platforms like Uniswap’s front-end or alternative routing services.

Pointing out that traders are largely aware of MEV and prefer to use Uniswap’s front-end due to its built-in protections and default slippage settings which are designed to counteract sandwich attacks, legal and compliance issues posed no threat to the attacker, highlighted Defiant's founder.

suggesting that these transactions do not originate from Uniswap’s front-end interface which has built-in MEV protections and default slippage settings to counteract sandwich attacks.

Uniswap CEO defended the platform’s security measures, saying that Uniswap’s official interface already incorporates safeguards against such exploits.

suggesting that the trader was engaging in risky trading practices by setting a low slippage cap on a large trade, which made them an easy target for MEV bots.

highlighting that traders should be mindful of the risks involved with decentralized exchanges and MEV abuse. Traders with large sums should utilize private mempools in a way that prevents front-running,