The MEV sandwich bot “arsc” has managed to accumulate approximately $30 million by exploiting Solana users through MEV attacks in just two months. These attacks occur when an attacker positions their own transactions around a victim’s transaction, manipulating prices and profiting by purchasing tokens at a lower price and selling them at a higher price within the same block. Ben Coverston, founder of MRGN Research, highlighted the actions of the bot, noting that it operates from a wallet address labeled “9973h…zyWp6” and employs a cold storage strategy to safeguard its funds. The wallet holds over $19 million in total funds, including Solana tokens, USD Coin stablecoin, wrapped-SOL, Cringe Coin, and Kabosu.
Another wallet identified as “Ai4zq…VXKKT” is more active within decentralized finance activities and gradually converts SOL into USDC through JUP DCA, holding significant positions in Kamino and various LSTs. This wallet has over $9.9 million in total funds, primarily comprising non-SOL tokens. A third wallet address, “BCbrp…vi58q,” is believed to serve as arsc’s “main SOL bank” and employs multiple signers and tippers to execute the sandwich attacks. Together, these three wallets hold a total of $29.8 million based on current prices, with the operator behind arsc actively trying to maintain a low profile to avoid attention.
MEV sandwich bots rely on sophisticated algorithms to identify and exploit profit opportunities by manipulating transactions. Similar activities have been observed among maximal extractible value bots on Ethereum, with research suggesting that over $1.38 billion had been extracted from Ethereum users by April 2023. Earlier this year, a MEV arbitrage bot operator named 2Fast achieved a profit of $1.8 million from a single transaction bundle, transforming an initial investment of 703 SOL into 19,035 SOL. An additional 890 SOL was tipped to Figment, a network validator, demonstrating the potential profits that can be made through MEV attacks.
The operator behind the arsc bot appears to be actively trying to hide their activities and profits, using multiple wallets and signers to execute sandwich attacks while maintaining a low profile. Coverston highlighted the behavior of the bot and the wallets associated with it, indicating that they have recently gone to great lengths to conceal their actions. MEV sandwich attacks continue to pose a threat to users on the Solana network, as attackers profit by exploiting vulnerabilities in the system. It is essential for users to stay vigilant and be aware of the risks associated with interacting with decentralized finance platforms to avoid falling victim to such attacks.
The prevalence of MEV sandwich bots highlights the importance of addressing vulnerabilities in decentralized finance systems to protect users from exploitation. The significant profits accumulated by these bots demonstrate the potential risks involved in participating in transactions on blockchain networks. As the crypto space continues to evolve, it is crucial for regulators, developers, and users to collaborate in implementing safeguards and security measures to prevent malicious actors from profiting at the expense of unsuspecting users. By raising awareness and implementing effective security protocols, the crypto community can work towards creating a safer and more secure environment for all participants.
