Author: Frank, PANews
The world has long been suffering from MEV. Despite the complaints, MEV robots have not been restricted and are still accumulating wealth through the “sandwich attack.”
On June 16, a researcher named Ben exposed a MEV robot with the address starting with arsc on social media, which had earned over 30 million dollars in just 2 months. PANews conducted a detailed analysis of this MEV robot’s behavior and operations to reveal how it managed to generate millions in wealth.
Like building a sandcastle, the sandwich attack is a market manipulation strategy where attackers insert their own transactions in blockchain trades to profit from price changes caused by victims’ transactions.
The robot, arsc, made 494 transactions in a 20-minute window on April 21, increasing its SOL balance from 449 to 465. This means that in just 20 minutes, arsc made a profit of 16 SOL through the sandwich attack, translating to approximately $17,280 in daily earnings.
PANews found that arsc averaged an investment of $6,990 per transaction, with an average return of $38 per transaction and an average return rate of 3.44%. Orders ranging from $43 to $160,000 were targeted, with higher-value orders yielding higher returns.
As arsc’s capital grew, its profits increased steadily. On April 22, it made a profit of 63 SOL in just half an hour, doubling its daily profit to around 3,000 SOL. In a span of 2 months, arsc earned a total of 209,500 SOL, with a daily profit of 3,800 SOL, equivalent to about $570,000.
The attacker transferred the profits to the address 9973, then to Ai4z, and converted the SOL tokens to USDC through a decentralized exchange. Ai4z also staked SOL tokens with several Solana validators, including Laine, Jito, Pumpkin’s, Jupiter, Marinade, and Blazestake.
While MEV has its advantages in maintaining blockchain network health, Solana’s current system allows for vulnerabilities like the sandwich attack. The Solana Foundation’s efforts to remove validators involved in the attack have had limited success.
Engaging in the sandwich attack is not without legal risks, as demonstrated by cases like the Pepaire-Bueno brothers who were arrested for exploiting a similar vulnerability on Ethereum to steal $25 million in cryptocurrency.
arsc has paused the sandwich attack and is attempting to conceal past actions by flooding the Solana browser with small transactions. However, public outrage has led to calls to track down the individuals behind this mysterious attacker, who may face serious legal consequences in the near future.