
Uniswap [UNI] rocked by sandwich attack, $25M stolen: Investigations show…

Uniswap’s liquidity pool suffered an attack amounting to a $25 million loss. Investigation showed that a validator could be involved.

Uniswap [UNI] has become the latest casualty of exploits in the cryptocurrency industry. The attack was on the protocol’s Liquidity Pool (LP) and ended in the perpetrators carting away $25.2 million. A smart contract developer, who pseudonymously goes by Punk3155 on Twitter, alerted the community about the issue.

Dusk for sandwich bots? A few top mev bots were targeted in block https://t.co/tnlx5tAX1G @peckshield @BlockSecTeam @bertcmiller @samczsun @bbbb

— 3155.eth (@punk3155) April 3, 2023

Validator gone rogue?

The developer, who monitored every step of the activity, noted that it was likely the handiwork of rogue validators who joined the protocol 18 days back. He pointed out,

Blockchain security platform PeckShield Alert also chimed in on the cause and perpetrators. Through the investigation, the firm was able to locate where the stolen funds were transferred, with PeckShield noting that eight addresses that emerged from the KuCoin exchange were involved, and the funds were stored in three of them.

#PeckShieldAlert The stolen funds (~25M) are mainly located in 3 addresses, 0x3c98…8eb (~20M), 0x5b04…5b6 (~2.3M) and 0x27bf…f69 (~3M) 0x84cB…8D1, 0x88Fd…7EE, 0x94e0…87C, 0x0429…46C, 0xEafc…D1B, 0xCaCE…975, 0x5b04…5b6 and 0x27bf…f69 these 8 addresses were… https://t.co/7g60VX8ica pic.twitter.com/7oFwYSVoyn

— PeckShieldAlert (@PeckShieldAlert) April 3, 2023

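Further scrutiny of the event revealed that it was a sandwich attack. Sandwich attacks occur when malicious traders look for a pending transaction within a network and manipulate the order of transactions in the block, placing their own trades immediately before and after it so that they profit from the price movement the pending trade causes.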

In this instance, the eight addresses were able to exploit the Uniswap exposure and capitalize on it. In addition, Uniswap could have been an easy target since it uses a price curve based on liquid demand and supply.
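The mechanics described above, as an added example that is not part of the original article and is not Uniswap's code. It assumes a constant-product pool with a 0.3% fee; the reserves, trade sizes and the names `Pool` and `sandwich_outcome` are constructed for illustration. It shows how trades ordered before and after a swap change what the victim receives, and how the victim's slippage limit decides whether the swap executes at all.

```python
# Added illustration, not code from the article or from Uniswap.
# Assumption: constant-product pool (x * y = k) with a 0.3% swap fee.
# Reserves and trade sizes are constructed, not data from the incident.
from dataclasses import dataclass

FEE_NUM, FEE_DEN = 997, 1000  # 0.3% fee kept by the pool


@dataclass
class Pool:
    usdc: int
    weth: int

    def quote(self, amount_in: int, buy_weth: bool) -> int:
        """Output amount for a swap at the current reserves."""
        r_in, r_out = (self.usdc, self.weth) if buy_weth else (self.weth, self.usdc)
        fee_in = amount_in * FEE_NUM
        return fee_in * r_out // (r_in * FEE_DEN + fee_in)

    def swap(self, amount_in: int, buy_weth: bool, min_out: int = 0) -> int:
        """Execute a swap; revert if it returns less than min_out."""
        out = self.quote(amount_in, buy_weth)
        if out < min_out:
            raise ValueError("slippage limit hit, swap reverts")
        if buy_weth:
            self.usdc, self.weth = self.usdc + amount_in, self.weth - out
        else:
            self.weth, self.usdc = self.weth + amount_in, self.usdc - out
        return out


def sandwich_outcome(front_run_usdc: int, victim_usdc: int, slippage_bps: int):
    """Return (victim WETH received or None if reverted, front-runner USDC P&L)."""
    pool = Pool(usdc=10_000_000, weth=5_000_000)
    fair = pool.quote(victim_usdc, buy_weth=True)
    min_out = fair * (10_000 - slippage_bps) // 10_000  # victim's tolerance
    bought = pool.swap(front_run_usdc, buy_weth=True)   # ordered before victim
    try:
        received = pool.swap(victim_usdc, buy_weth=True, min_out=min_out)
    except ValueError:
        received = None                                 # victim tx reverted
    sold_for = pool.swap(bought, buy_weth=False)        # ordered after victim
    return received, sold_for - front_run_usdc


if __name__ == "__main__":
    for bps in (500, 50):  # 5% vs 0.5% slippage tolerance
        print(bps, sandwich_outcome(200_000, 100_000, bps))
```

With a 5% tolerance the victim's swap executes at a worse price and the surrounding trades come out ahead; at 0.5% the swap reverts and the front-running position is closed at a loss to fees.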

Loophole detected, but no one blamed

PeckShield also explained, without laying blame, that there was a broken bot action involving Miner Extractable Value (MEV). MEV is described as the value that miners can obtain from the order of transactions during block production. This helped in granting access to the hackers. The tweet by the blockchain firm read,

“Our analysis shows that the victim txs were replaced by the bot-exploiting transactions, which already included the reverse swap to take profits.”

This attack represented one of the few notable ones the crypto ecosystem has experienced in 2023. Unlike last year when such occurrences were rampant, there seems to have been some calm.

Meanwhile, Lookonchain was able to provide more information about the incident. According to Lookonchain, the assets carted away included 5.3 million USD Coin [USDC], 1.7 million MakerDAO [DAI], some Tether [USDT], Wrapped Bitcoin [WBTC], and Wrapped Ether [WETH].

8 addresses stole $25.2M assets from 8 #Uniswap pools by #Sandwich attacking.

Including:
– 7,461 $WETH ($13.4M)
– 5.3M $USDC
– 3M $USDT
– 65 $WBTC ($1.8M)
– 1.7M $DAI

And these 8 addresses are funded by @kucoincom. pic.twitter.com/T769G8TgbI

— Lookonchain (@lookonchain) April 3, 2023

An occurrence like this reflects the reality of the loopholes still present in the DeFi ecosystem. As such, there might be a need for better security infrastructure. However, Uniswap has not commented on the issue at the time of writing.
