Crypto Sleuths Reveal MEVbots Uses Backdoor To Drain Users’ Ethereum Assets

An investigation into MEVbots’ arbitrage trading bot uncovered the existence of a backdoor that allows random addresses to siphon Ethereum funds.
Dot
January 29, 2023
Ayush Pande

As a tech enthusiast who's always on the prowl for the latest developments concerning crypto and hardware, you can find him covering news stories or tinkering with PCs.

TABLE OF CONTENTS
PeckShield’s tweet reads, “Our analysis confirms what the @mevbots promotes for the so-called "MEV gain" has a fund-stealing backdoor. Do *NOT* fall prey to it.“

An investigation into MEVbots’ arbitrage trading bot uncovered the existence of a backdoor that allows random addresses to siphon Ethereum funds.

Arbitrage trading bots are programs that compare crypto prices between exchanges and execute orders to profit from the price differences. Due to differences in investor demand, the prices of crypto can vary between exchanges. These automated bots can place buy and sell orders to capitalize on price variations.

Last month, MEVbots released its arbitrage trading bot, MEV gain. The bot is compatible with Uniswap's pools and runs on Ethereum pairs. It promises an ROI of 7-9% daily and requires users to connect their MetaMask wallets. 

Twitter user @monkwithchaos revealed the bot’s contract contains a backdoor using which its creators can steal Ethereum assets from users’ wallets.

On-chain sleuth ZachXBT claimed they called out to MEVbots in July. According to them, MEVbots was earlier called MEVtech, with Nuri as its profile name. 

After charging 1 ETH for the bot, Nuri would drain users’ funds after they run it on their systems. The firm would then launder the stolen funds via Tornado Cash. ZachXBT reported two victims lost ETH tokens worth $44M in July.

As a result, blockchain security firm PeckShield investigated MEV gain's contract. The firm's analysis confirmed @monkwithchaos' findings.

PeckShield’s investigation also revealed that at least 5.37 ETH were stolen from six wallets within the last few hours.

Crypto Sleuths Reveal MEVbots Uses Backdoor To Drain Users’ Ethereum Assets

HomeEthereum
Contents
PeckShield’s tweet reads, “Our analysis confirms what the @mevbots promotes for the so-called "MEV gain" has a fund-stealing backdoor. Do *NOT* fall prey to it.“

An investigation into MEVbots’ arbitrage trading bot uncovered the existence of a backdoor that allows random addresses to siphon Ethereum funds.

Arbitrage trading bots are programs that compare crypto prices between exchanges and execute orders to profit from the price differences. Due to differences in investor demand, the prices of crypto can vary between exchanges. These automated bots can place buy and sell orders to capitalize on price variations.

Last month, MEVbots released its arbitrage trading bot, MEV gain. The bot is compatible with Uniswap's pools and runs on Ethereum pairs. It promises an ROI of 7-9% daily and requires users to connect their MetaMask wallets. 

Twitter user @monkwithchaos revealed the bot’s contract contains a backdoor using which its creators can steal Ethereum assets from users’ wallets.

On-chain sleuth ZachXBT claimed they called out to MEVbots in July. According to them, MEVbots was earlier called MEVtech, with Nuri as its profile name. 

After charging 1 ETH for the bot, Nuri would drain users’ funds after they run it on their systems. The firm would then launder the stolen funds via Tornado Cash. ZachXBT reported two victims lost ETH tokens worth $44M in July.

As a result, blockchain security firm PeckShield investigated MEV gain's contract. The firm's analysis confirmed @monkwithchaos' findings.

PeckShield’s investigation also revealed that at least 5.37 ETH were stolen from six wallets within the last few hours.

Ayush Pande

As a tech enthusiast who's always on the prowl for the latest developments concerning crypto and hardware, you can find him covering news stories or tinkering with PCs.

PeckShield’s tweet reads, “Our analysis confirms what the @mevbots promotes for the so-called "MEV gain" has a fund-stealing backdoor. Do *NOT* fall prey to it.“

An investigation into MEVbots’ arbitrage trading bot uncovered the existence of a backdoor that allows random addresses to siphon Ethereum funds.

Arbitrage trading bots are programs that compare crypto prices between exchanges and execute orders to profit from the price differences. Due to differences in investor demand, the prices of crypto can vary between exchanges. These automated bots can place buy and sell orders to capitalize on price variations.

Last month, MEVbots released its arbitrage trading bot, MEV gain. The bot is compatible with Uniswap's pools and runs on Ethereum pairs. It promises an ROI of 7-9% daily and requires users to connect their MetaMask wallets. 

Twitter user @monkwithchaos revealed the bot’s contract contains a backdoor using which its creators can steal Ethereum assets from users’ wallets.

On-chain sleuth ZachXBT claimed they called out to MEVbots in July. According to them, MEVbots was earlier called MEVtech, with Nuri as its profile name. 

After charging 1 ETH for the bot, Nuri would drain users’ funds after they run it on their systems. The firm would then launder the stolen funds via Tornado Cash. ZachXBT reported two victims lost ETH tokens worth $44M in July.

As a result, blockchain security firm PeckShield investigated MEV gain's contract. The firm's analysis confirmed @monkwithchaos' findings.

PeckShield’s investigation also revealed that at least 5.37 ETH were stolen from six wallets within the last few hours.

Written by
Ayush Pande