TLDR
- A crypto trader lost $215,000 in a sandwich attack while swapping stablecoins on Uniswap v3
- The MEV bot front-ran the transaction, leaving the victim with only $5,271 (98% loss) in just 8 seconds
- The attacker paid block builder “bob-the-builder.eth” a $200,000 tip and kept $8,000 profit
- Same trader may have been attacked 6 times in one day using different wallets, losing over $480,000 total
- Uniswap CEO clarified these transactions didn’t use their official interface which has MEV protection
A crypto trader fell victim to a costly sandwich attack on March 12, losing more than $215,000 while attempting to swap stablecoins.
The attack happened on Uniswap v3’s USDC-USDT liquidity pool and highlights the dangers of Maximum Extractable Value (MEV) bots in decentralized finance.
The trader started with $220,764 worth of USD Coin (USDC) to swap for Tether (USDT). What should have been a routine swap between stablecoins turned into a disaster. Within just eight seconds, the victim was left with only $5,271 in USDT.
This represents a loss of nearly 98% of the original value. The attack took place on Uniswap v3’s USDC-USDT liquidity pool, which currently holds about $19.8 million in locked value.
The MEV bot carried out what experts call a “sandwich attack.” This involved the bot front-running the victim’s transaction. The attacker first removed all USDC liquidity from the pool before the victim’s swap went through.
After the victim’s transaction executed at a terrible exchange rate, the bot returned the liquidity to the pool. This type of attack is named for how it “sandwiches” the victim’s transaction between two bot transactions.
Michael Nadeau, founder of The DeFi Report, shared details about how the profits were split. The attacker paid the Ethereum block builder known as “bob-the-builder.eth” a $200,000 tip from the stolen funds. The bot operator kept around $8,000 as their own profit.
Is anyone safe using DeFi?
A user on @Uniswap v3 was just sandwiched attacked out of $216k while simply trying to swap $221k USDC to USDT.
Mind you, this was a pool that had over $35m of USDC and USDT it.
This is insane.
How did it happen?
An MEV bot front-ran the tx by… pic.twitter.com/cyzu4M6qfz
— Michael Nadeau | The DeFi Report (@JustDeauIt) March 12, 2025
This may not be an isolated incident. DeFi researcher “DeFiac” believes the same trader was targeted multiple times on the same day. Using internal tools, the researcher found evidence suggesting the trader was hit by six sandwich attacks in total.
Two other wallet addresses linked to the same trader were also attacked earlier that day. The wallets “0xDDe…42a6D” and “0x999…1D215” lost $138,838 and $128,003 in similar attacks. These attacks happened just minutes apart from each other.
Unknown entity got sandwiched for 714k today on six separate USDC -> USDT swaps. (Traded with 100% slippage allowed.)
They swapped 732583.429405 USDC for 18636.232611 USDT.
A promised ????: pic.twitter.com/0rFNE4DfoP
— DeFiac (@TheDEFIac) March 12, 2025
All the attacked transactions followed the same pattern. The funds first moved from Aave, a popular borrowing and lending protocol. Then they were deposited into the same Uniswap v3 USDC-USDT pool where the attacks took place.
Some experts have raised the possibility that these unusually bad trades might be connected to money laundering. 0xngmi, the founder of crypto data dashboard DefiLlama, suggested this could be a method to wash illicit funds.
This theory involves creating transactions that are easy targets for MEV bots. By privately sending these transactions to specific bots, someone could potentially launder money while accepting the losses as a cost of cleaning the funds.
Uniswap CEO
Initially, some critics blamed Uniswap for the incident. However, Uniswap CEO Hayden Adams quickly clarified that these transactions did not come through Uniswap’s official interface.
The Uniswap front-end includes built-in MEV protection features. It also has default slippage settings that would have prevented such losses. Slippage refers to the difference between expected and actual prices in a trade.
Users who access Uniswap through its official interface benefit from these protections. However, those who interact with the protocol through other means may remain vulnerable to such attacks.
This incident serves as a reminder of the risks in decentralized finance. Even when trading between stablecoins, which should maintain steady values, traders can fall victim to technical exploits.
MEV attacks continue to be a problem in the DeFi ecosystem. They allow sophisticated bots to extract value from regular users’ transactions, often without those users even realizing what happened.
Blockchain data showed that the entire attack happened in just eight seconds. This highlights how quickly MEV bots can identify and exploit opportunities for profit at the expense of other users.
The $215,000 loss from this single transaction adds to the growing list of funds extracted through MEV techniques on various blockchains. Similar incidents have happened before, including one where a trader lost over $700,000 in a comparable attack.
