The decentralized finance (DeFi) space has been rocked by another hack, this time targeting some of the top MEV bots in a single block, leaving a $25 million loss in its wake.
The attack appears to have been well-planned, as the attackers became a validator just 18 days before executing the plan, and prepared the tokens 16 days ahead of time. The attack, which was carried out on a small number of sandwich bundles in a single block, could be a turning point for the entire MEV ecosystem.
According to what the blockchain security firm PeckShieldAlert posted on on Twitter, the stolen funds are primarily located in three addresses: 0x3c98, holding approximately $20 million, 0x5b04 with around $2.3 million, and 0x27bf, containing roughly $3 million. It is worth noting that these eight addresses were originally funded from Kucoin.
The attack on the top MEV bots highlights the importance of security in DeFi. Although the industry has made significant strides in improving security measures, it’s clear that more needs to be done. There’s a growing need for more robust security measures to protect users’ funds and prevent such attacks from occurring.
In a related incident, the DeFi project SafeMoon saw its liquidity pool (LP) compromised a few days ago through a public token bug. The attacker drained wrapped BNB (WBNB) from the protocol, leading to a loss that is yet to be determined. SafeMoon disclosed the attack on Twitter and announced that it was working to resolve the issue as soon as possible. However, the platform did not provide any details about the incident.
