Original title: "Encountering 'black eaters'? Analysis of MEV Robot Attack Incident that Lost $25 Million"
On April 3, 2023, according to the Beosin-Eagle Eye situational awareness platform, a MEV bot suffered a malicious sandwich attack, causing losses of approximately US$25 million.
What is a sandwich attack? How did this attack occur? The Beosin security team analyzed the incident immediately; the results are as follows.
Attack block:
https://etherscan.io/block/16964664
attacker:
https://etherscan.io/address/0x3c98d617db017f51c6a73a13e80e1fe14cd1d8eb
MEV bug fix (GitHub pull request):
https://github.com/flashbots/mev-boost-relay/pull/330
Bundle analysis by @samczsun:
https://twitter.com/samczsun/status/1642848556590723075?s=46&t=Ucn3vRhyG0n8a4YU2zWE0g
Attack introduction:
A malicious proposer exploited a vulnerability in mev-boost-relay to obtain the contents of bundles, then used a malicious sandwich attack to manipulate prices and ultimately profit.
MEVbot introduction:
Maximum Extractable Value (MEV) refers to the maximum value that can be extracted from block production over and above standard block rewards and gas fees by adding and excluding transactions in the block and changing the order of transactions in the block.
Bots run complex algorithms over blockchain data to detect profitable MEV opportunities and automatically submit the corresponding transactions to the network.
MEV bots use many strategies, including currency spread arbitrage, liquidation, NFT MEV, etc. The sandwich trade involved in this attack took place on a DEX. To carry it out, a MEV bot monitors pending DEX transactions in the mempool, calculates their price impact, and places its own orders first: it buys at the low price before the user's trade and sells at a profit after it. The recent rise of MEV services such as Flashbots allows traders to create "sandwich bundles" in which either all three trades execute or none do. At the same time, more miner trading teams are mining sandwich bundles directly into their own blocks.
Sandwich attack introduction:
Sandwich attacks are a popular front-running technique in DeFi. To form a "sandwich" transaction, an attacker (or, as we call it, a predatory trader) finds a pending victim transaction and then attempts to sandwich the victim with one transaction before it and one after it. This strategy comes from the practice of buying and selling an asset to manipulate its price.
The goal of sandwich trading is to exploit the slippage of unsuspecting victims. At the same time, there are also many bait contracts that turn MEV bots' own strategies against them, for example malicious bait tokens or special amount handling in the transfer function. This attack exploited a MEV-related vulnerability, described below.
Off-chain BUG description:
Under normal circumstances it is difficult for a malicious proposer to tamper with bundles, because of the slashing penalty for double-signing. In this attack, however, the parent_root and state_root of the signed block were maliciously set to 0x00, which caused PublishBlock to return an error. Because the old relay version did not handle that returned error, it still released the payload, so the bundles were disclosed and this led to the incident. The picture below shows the fix for the vulnerability on GitHub.
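The control-flow defect described above, modelled as an added example (this is not the mev-boost-relay code, which is written in Go, and it does not reproduce the fix in the linked pull request). The relay's payload-release handler is shown in its old form, which swallows the publish error, and in a fixed form, which withholds the payload when publication fails. The beacon client, the HMAC stand-in for the proposer's BLS signature, the block hash and the bundle contents are all constructed for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

ZERO_ROOT = "0x" + "00" * 32


class PublishError(Exception):
    """Stand-in for the error PublishBlock returns when the beacon node rejects the block."""


class PayloadWithheld(Exception):
    """Raised by the fixed handler: publication failed, so the payload is not released."""


class BeaconClient:
    """Constructed stand-in for the beacon node: it rejects a block whose
    parent_root or state_root is all zeros, as in the incident."""

    def publish_block(self, signed_block):
        if ZERO_ROOT in (signed_block["parent_root"], signed_block["state_root"]):
            raise PublishError("invalid parent_root/state_root")
        return "published"


def sign_block(key, block):
    """HMAC stand-in for the proposer's BLS signature over the blinded block."""
    msg = f"{block['block_hash']}|{block['parent_root']}|{block['state_root']}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


@dataclass
class Relay:
    beacon: BeaconClient
    proposer_key: bytes                               # stands in for the registered validator key
    payloads: dict = field(default_factory=dict)      # block_hash -> full payload (the bundle txs)

    def _check(self, signed_block):
        """Signature check plus payload lookup, shared by both handlers."""
        expected = sign_block(self.proposer_key, signed_block)
        if not hmac.compare_digest(expected, signed_block["signature"]):
            raise ValueError("bad proposer signature")
        return self.payloads[signed_block["block_hash"]]

    def get_payload_vulnerable(self, signed_block):
        """Old behaviour: the publish error is swallowed and the payload is returned anyway."""
        payload = self._check(signed_block)
        try:
            self.beacon.publish_block(signed_block)
        except PublishError:
            pass                                      # BUG: error ignored
        return payload                                # bundles disclosed although the block never landed

    def get_payload_fixed(self, signed_block):
        """Fixed behaviour: a publish failure withholds the payload."""
        payload = self._check(signed_block)
        try:
            self.beacon.publish_block(signed_block)
        except PublishError as exc:
            raise PayloadWithheld(f"publish failed: {exc}") from exc
        return payload


def request_payload(handler, zero_roots=True):
    """Drive one handler ("get_payload_vulnerable" or "get_payload_fixed") with a
    proposer-signed block. With zero_roots=True the roots are zeroed as in the incident.
    Returns the payload if the relay released it, or None if it was withheld."""
    key = b"constructed-proposer-key"
    relay = Relay(BeaconClient(), key)
    relay.payloads["0xabc"] = {"txs": ["bundle-tx-1", "bundle-tx-2"]}   # constructed sample bundle
    root = ZERO_ROOT if zero_roots else "0x" + "11" * 32
    block = {"block_hash": "0xabc", "parent_root": root, "state_root": root}
    block["signature"] = sign_block(key, block)       # the proposer signs the block it submits
    try:
        return getattr(relay, handler)(block)
    except PayloadWithheld:
        return None


if __name__ == "__main__":
    print("old relay, zeroed roots:", request_payload("get_payload_vulnerable"))
    print("fixed relay, zeroed roots:", request_payload("get_payload_fixed"))
    print("fixed relay, valid roots:", request_payload("get_payload_fixed", zero_roots=False))
```

The signature check passes in every case because the proposer really did sign the block; the only thing that distinguishes the two handlers is whether the result of publication gates the release of the payload, which is the point of the fix.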
On-chain attack process:
1. Taking one of the attack transactions as an example: the attacker first targeted a pool with very low liquidity and tested whether the MEV bot would front-run the trade. In the picture below, the attacker uses 0.04 WETH to probe the MEV bot and lure it into front-running arbitrage. This confirmed that a MEV bot was monitoring the pool and that it would commit all of its funds to the arbitrage.
2. After the test succeeded, the attacker used a large quantity of the token, acquired in advance on Uniswap V3, to swap in the low-liquidity V2 pool, inducing the MEV bot to spend all of its WETH front-running the purchase of the worthless token. The transaction being front-run was in fact an attack transaction aimed at the MEV bot: it used the large token holding to swap out all of the WETH the bot had just put in.
3. At this point, because the WETH the MEV bot used for its front-run had already been swapped out by the attack transaction, the bot's back-run to swap back into WETH fails.
For example
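The sandwich mechanics from the introduction and the three-step sequence above, as an added example that is not part of the original analysis. The constant-product pool, its reserves, the bot balance and the attacker's token amount are all constructed; the model covers the price math only, not the EVM. It shows an ordinary sandwich (bot profit, victim slippage), the same sandwich against a victim with a slippage limit, and the incident pattern in a low-liquidity pool, where the bot's break-even back-run reverts and the whole front-run is lost. The `cap_fraction` exposure limit is a hypothetical risk control that illustrates the summary's second point.

```python
from dataclasses import dataclass


class SlippageExceeded(Exception):
    """Stand-in for a router revert such as UniswapV2Router's INSUFFICIENT_OUTPUT_AMOUNT."""


@dataclass
class Pool:
    """Toy constant-product pool (x * y = k) with a Uniswap-V2-style 0.3% fee.
    Reserves are floats, so this models the price math, not the EVM."""
    weth: float
    token: float
    fee: float = 0.003

    def quote(self, amount_in, reserve_in, reserve_out):
        amount_in_with_fee = amount_in * (1 - self.fee)
        return reserve_out * amount_in_with_fee / (reserve_in + amount_in_with_fee)

    def buy_token(self, weth_in, min_out=0.0):
        """Swap WETH for TOKEN; revert (raise) if the output is below min_out."""
        out = self.quote(weth_in, self.weth, self.token)
        if out < min_out:
            raise SlippageExceeded(f"{out:.4f} TOKEN < min_out {min_out:.4f}")
        self.weth += weth_in
        self.token -= out
        return out

    def sell_token(self, token_in, min_out=0.0):
        """Swap TOKEN for WETH; revert (raise) if the output is below min_out."""
        out = self.quote(token_in, self.token, self.weth)
        if out < min_out:
            raise SlippageExceeded(f"{out:.6f} WETH < min_out {min_out:.6f}")
        self.token += token_in
        self.weth -= out
        return out


def sandwich(pool, bot_weth, middle_tx, backrun_min_out=0.0):
    """Front-run / sandwiched transaction / back-run. Returns the bot's net WETH change.

    middle_tx(pool) applies the sandwiched transaction. If the back-run reverts,
    the front-run has already executed, so the bot's WETH stays in the pool and
    the loss is the whole front-run amount (the situation in step 3 above).
    """
    tokens_bought = pool.buy_token(bot_weth)          # front-run: buy before the victim
    middle_tx(pool)                                   # the transaction being sandwiched
    try:
        weth_back = pool.sell_token(tokens_bought, backrun_min_out)   # back-run: sell after
    except SlippageExceeded:
        weth_back = 0.0                               # back-run reverted, tokens still held
    return weth_back - bot_weth


def classic_sandwich(victim_weth=1.0, bot_weth=1.0, victim_tolerance=None):
    """Ordinary sandwich in a 10 WETH / 10,000 TOKEN pool (constructed reserves).
    victim_tolerance is the victim's slippage limit relative to its unsandwiched quote.
    Returns (bot_net_weth, victim_received, victim_quote, victim_reverted)."""
    pool = Pool(weth=10.0, token=10_000.0)
    quote = pool.quote(victim_weth, pool.weth, pool.token)      # what the victim expected
    min_out = 0.0 if victim_tolerance is None else quote * (1 - victim_tolerance)
    outcome = {"received": 0.0, "reverted": False}

    def victim_tx(p):
        try:
            outcome["received"] = p.buy_token(victim_weth, min_out)
        except SlippageExceeded:
            outcome["reverted"] = True   # slippage guard protected the victim

    net = sandwich(pool, bot_weth, victim_tx)
    return net, outcome["received"], quote, outcome["reverted"]


def incident_style(bot_funds, cap_fraction=None, attacker_tokens=1_000_000.0):
    """Low-liquidity pool (1 WETH / 1,000 TOKEN, constructed). The bot front-runs with
    its whole balance; the sandwiched transaction then dumps tokens obtained elsewhere,
    draining the WETH the bot just deposited, so the bot's break-even back-run reverts.
    cap_fraction is a hypothetical risk control: limit the front-run to that fraction
    of the pool's WETH reserve. Returns the bot's net WETH change."""
    pool = Pool(weth=1.0, token=1_000.0)
    stake = bot_funds if cap_fraction is None else min(bot_funds, pool.weth * cap_fraction)
    return sandwich(pool, stake, lambda p: p.sell_token(attacker_tokens), backrun_min_out=stake)


if __name__ == "__main__":
    print("classic sandwich:", classic_sandwich())
    print("victim with 5% slippage limit:", classic_sandwich(victim_tolerance=0.05))
    print("all-in bot, incident style:", incident_style(100.0))
    print("bot capped at 10% of reserve:", incident_style(100.0, cap_fraction=0.1))
```

Two defender-side observations fall out of the numbers: a victim whose transaction carries a sensible minimum output (here 5% below the quote) reverts inside the sandwich and leaves the bot paying the pool fee for nothing, and a bot that caps its exposure per pool loses at most that cap when the "victim" turns out to be the attacker, instead of its entire balance.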
Summary:
First, the attacker exploited a MEV-related bug; this is the main reason the attack could be completed.
Second, the MEV bot still committed all of its funds each time it arbitraged in a low-liquidity pool, which is a likely reason the losses were so large.
Third, the same token could be obtained with a small amount of money on Uniswap V3 while its price had been manipulated out of balance in the V2 pool. This was the main method used in the attack.
Some references:
https://github.com/flashbots/mev-boost-relay/pull/330
Thanks to @samczsun on Twitter.
Fund Tracking:
As of press time, the Beosin KYT anti-money laundering analysis platform found that the main stolen funds are currently located at the following addresses:
0x3c98d617db017f51c6a73a13e80e1fe14cd1d8eb ($20,051,175.47),
0x5B04db6Dd290F680Ae15D1107FCC06A4763905b6 ($2,334,519.51),
0x27bf8f099Ad1eBb2307DF1A7973026565f9C8f69 ($2,971,393.59).
Approximately $25.2 million.