MEV Bot Makes $1M, Loses Everything to Hacker After One Hour

MEV Bot Trader

Miller claims that a trader tried to sell $1.8 million in cUSDC using the decentralized exchange (DEX) Uniswap v2 but received just $500 worth of assets in return, presenting a remarkable arbitrage opportunity for the bot. The bot quickly acted after spotting this chance to capitalize and made enormous earnings.

However, a hacker took advantage of a flaw in 0xbadc0de's "bad code" just an hour later, tricking it into approving a transaction that wiped its account of 1,101 ETH, which at the time of writing was equivalent to $1.41 million.

According to PeckShield, the bug can be traced back to the bot's callback procedure, which the hacker used to authorize an arbitrary address for spending.

Different Bugs And Different Thefts

A bug in Profanity, an Ethereum vanity address generator, was hacked on September 18 and led to the loss of $3.3 million from many wallets. The 1inch Network, a decentralized exchange (DEX) aggregator, found that the formation of the wallets was unclear after conducting investigations. The DEX advised customers to relocate their funds after alerting them that their wallets were at risk.

Over a week later, another vanity wallet account was exploited, and over $1 million worth of ETH got seized. The hackers took the funds and transferred them straight away to Tornado Cash.

Funds Raised to Prevent Theft of Ethereum Wallets

Yesterday, Harpie, an on-chain firewall provider, raised $4.5 million in a seed round to protect customers against Bitcoin theft. The round was headed by Dragonfly Capital. OpenSea and Coinbase Ventures also took part.