TLDR
- A mishap on Uniswap v3 led to a crypto trader losing $215,000 during a stablecoin exchange, targeted by a sandwich attack.
- In a swift maneuver, a malicious bot outpaced a trader's transaction, leading to a massive 98% loss in just 8 seconds, leaving them with a mere $5,271.
- To carry out the attack, the perpetrator incentivized the block constructor 'bob-the-builder.eth' with $200,000, keeping $8,000 as profit.
- It appears this trader was hit multiple times, with potential losses exceeding $480,000, as attackers used various wallets over the same day.
- CEO of Uniswap emphasized that these deals were made outside their official platform, which includes safeguards against MEV attacks.
On March 12, a crypto trader suffered a heavy blow through a sandwich attack that cost them dearly. In an attempt to trade stablecoins, the trader was hit with a financial blow of over $215,000.
Uniswap v3’s USDC-USDT pool was the stage for this attack, underscoring the vulnerabilities of MEV bots in DeFi.
The trader had $220,764 in USDC set to swap for USDT, which should've been a safe exchange, but ended disastrously, leaving them with only $5,271 USDT in seconds.
Facing a near 98% loss, the incident unfolded within Uniswap v3’s pool harboring $19.8 million at stake.
The attack used a 'sandwich' method, where the bot pre-empted the trader's move, first withdrawing USDC liquidity prior to their swap.
With a doomed exchange rate locked in, the bot restored liquidity afterward, enveloping the trader’s actions between two of its own.
Michael Nadeau of The DeFi Report noted the spoils were divided, with the attacker tipping $200,000 to 'bob-the-builder.eth', keeping $8,000 from their exploit.
Is anyone safe using DeFi?
A user on @Uniswap In an attempt to simply exchange $221k USDC for USDT, $216k mysteriously disappeared due to the sandwich attack.
Keep in mind this happened in a pool that held over $35m in USDC and USDT.
This is insane.
How did it happen?
An MEV bot front-ran the tx by… pic.twitter.com/cyzu4M6qfz
— Michael Nadeau The DeFi Report (@JustDeauIt) March 12, 2025
The pattern suggests repeated targeting; according to DeFi researcher 'DeFiac', the same trader might have faced six such attacks in one day.
Two wallet addresses tied to this individual previously encountered similar attacks, losing $138,838 and $128,003 respectively, only minutes apart.
A staggering $714k vanished today across six separate USDC to USDT transactions, each with extreme slippage allowed.
They swapped 732583.429405 USDC for 18636.232611 USDT.
A promised 🧵: pic.twitter.com/0rFNE4DfoP
— DeFiac (@TheDEFIac) March 12, 2025
Every compromised transaction was alike; funds moved from Aave then into Uniswap v3 where the attacks ensued.
Some analysts propose these bizarre trades could be linked to money laundering, as 0xngmi from DefiLlama speculates.
The theory goes that orchestrated transactions are easy prey for MEV bots, laundering funds while considering these losses the cost of cleaning.
Uniswap CEO
At first, fingers were pointed at Uniswap for the mishaps, but the CEO, Hayden Adams, pointed out the occurrences were off their main site.
Uniswap protects against MEV with its interface, having slippage limits that would have warded off such losses.
Users leveraging Uniswap's interface get these security features, but opting for alternative engagement methods exposes them to this threat.
It's a stark reminder of the perils in DeFi: even stablecoin trades aren't immune from technical vulnerabilities.
MEV attacks wreak havoc by letting cunning bots siphon value from traders, often without their knowledge.
The rapidity of the attack, only eight seconds, showcases how swiftly MEV bots can spot and leverage profitable opportunities at others' expense.
$215,000 was drained in one transaction, adding to the mounting tally of funds lost to MEV ploys across blockchains. Similar episodes have occurred, with sums reaching over $700,000.