How Does a Solana Bot Exploit MEV for $30M Profit?

In the endlessly evolving world of cryptocurrencies, an audacious Solana-based bot known as “arsc” has swiftly advanced to notoriety. This ingenious program has leveraged a technique called “sandwich attack” to pilfer approximately $30 million from Solana users within just two months. The operation centers on a cunning exploitation of maximal extractable value (MEV), a concept referring to the profit a miner can make through the inclusion, exclusion, or reordering of transactions within a blockchain block. Bots like “arsc” exploit this by essentially cutting in line. They strategically position a user’s transaction amidst two they control, facilitating the purchase of crypto at lower than market prices and the subsequent immediate sale at a higher rate, all within the span of a single block.

This sophisticated scheme has been traced back to a few key wallets, including one particularly large cache purportedly used for cold storage. Housing over $19 million, its assets are predominantly in Solana’s SOL and Circle’s USD Coin (USDC). Besides cold storage, there’s another hive of activity – a wallet engaging continuously in decentralized finance (DeFi) processes, shrewdly converting SOL to USDC. The ceaseless churn of these conversions is part of a grander strategy to veil the bot’s manipulations from the wary eyes of researchers and users alike.

Tracking the Trails of MEV Bots

In the dynamic panorama of digital currencies, a Solana-based bot nicknamed “arsc” has surged to infamy. It masterfully employs a “sandwich attack” to usurp around $30 million from users on the Solana network over a mere two months. By exploiting a niche known as maximal extractable value (MEV), it profits by manipulating the sequence of transactions in a blockchain block.

“arsc” intrudes into the transaction queue, sandwiching an unsuspecting user’s trade between its own. This ploy allows the bot to buy cryptocurrency cheaply and flip it immediately at a higher price in one block, making an instant profit.

Investigators have linked the scam to several wallets, with one holding a staggering $19 million – purportedly a cold storage trove, rich in Solana’s SOL and USD Coin (USDC) from Circle. Another wallet under scrutiny shows relentless DeFi activity, constantly trading SOL for USDC. This frenzy masks the bot’s activities, keeping the operation under the radar of researchers and Solana participants.

Explore more

Ethereum Uses AI Swarms to Proactively Patch Network Flaws

The architectural integrity of global decentralized networks has reached a pivotal juncture where the speed of malicious exploitation often outpaces the traditional cadence of human-led security audits. To address this widening gap, The Ethereum Foundation has fundamentally transitioned its security strategy from a reactive model to an automated, proactive defense paradigm that leverages the power of machine learning. This shift

How Is ERP Modernization Driving DLA to Audit Readiness?

The Defense Logistics Agency currently manages an intricate global supply chain that serves as the backbone for the United States military, requiring an unprecedented level of financial precision and operational transparency to meet modern oversight requirements. This massive undertaking involves a transition from aging, siloed legacy systems to a unified Enterprise Resource Planning environment designed to provide real-time visibility into

What Makes Odyssey Infostealer a Global Threat to macOS?

The long-standing myth that macOS remains immune to sophisticated cyberattacks has been decisively shattered by the emergence of the Odyssey infostealer, a highly specialized malware variant engineered to bypass modern system integrity protections. This transition represents a fundamental shift in the threat landscape, where the historical security-by-obscurity advantage once enjoyed by Apple users has entirely vanished. As the adoption of

Can AI Secure Windows Without Compromising Stability?

The sheer scale of modern software development has reached a point where manual code review is no longer sufficient to protect the billions of devices running Windows across the globe. As lines of code multiply and interdependencies become more complex, traditional security measures are struggling to keep pace with the rapid evolution of sophisticated digital threats. In response to this

Xero Launches JAX to Redefine Accounting with Agentic AI

Small business owners have historically spent an exhausting amount of time tethered to spreadsheets and receipts, but the emergence of agentic AI is finally turning those static records into a living, breathing financial command center that operates with minimal human oversight. With more than five million global subscribers now integrated into its ecosystem, Xero is spearheading a movement toward Accountable