VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
A bot named 0xbadc0de made a windfall when traders tried to sell 1.8 million cUSDC (USDC on the Compound protocol) ($1.85 million in nominal value), but only got $500 of the asset due to low liquidity in return. However, the MEV bot made a profit of 800 ETH (~$1 million) from the sold carry trade. An hour later, a hacker exploited a bug in 0xbadc0de's badc code to withdraw all 1,101 ETH (~$1.5 million) in the contract. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 1,500,000.
Primary source
https://rekt.news/ripmevbot/ ↗Sourced from
slowmist
Technical record
- chain
- —
- protocol
- MEV Bots
- bug_class
- logic
- date_occurred
- 2022-09-28
- loss_usd
- $1,500,000
- source_id
- sm:mev-bots::2022-09-28
Related — same bug class· logic