In a mere two months, the notorious maximal extractable value (MEV) sandwich bot known as “arsc” managed to amass around $30 million through MEV attacks targeting Solana users. These sandwich attacks involve the attacker strategically placing their transactions around a victim’s transaction to manipulate prices and profit by purchasing tokens at a discounted price and selling them quickly in the same block.
On June 15, Ben Coverston, the founder of cryptocurrency company MRGN Research, exposed the activities of the secretive sandwich bot “arsc” that has been exploiting unsuspecting Solana network users. Coverston noted that the bot, operating primarily from a wallet address labeled “9973h…zyWp6,” is using a cold storage strategy to safeguard its funds. This wallet currently holds over $19 million in total funds, including $17 million in Solana tokens and $1.1 million in Circle’s USD Coin (USDC) stablecoin, along with smaller amounts of Kabosu (KAB), Cringe Coin (CRINGE), and Wrapped Solana (wSOL).
Additionally, Coverston highlighted another active wallet labeled “Ai4zq…VXKKT,” which is engaged in decentralized finance activities, particularly converting SOL to USDC using Jupiter’s dollar-cost averaging feature. This wallet also holds significant positions in Kamino and other liquidity-staking tokens worth over $9.9 million, mainly in non-SOL tokens.
Coverston also mentioned a third wallet address, “BCbrp…vi58q,” believed to be arsc’s main SOL bank, where the combined tokens are valued at $29.8 million at current market prices. MEV sandwich bots leverage sophisticated algorithms to exploit profit opportunities, a trend seen not only on Solana but also on Ethereum. For instance, earlier this year, an MEV arbitrage bot operator named 2Fast generated a profit of $1.8 million from a single transaction bundle, turning an initial investment of 703 SOL into 19,035 SOL.
As the activities of MEV bots gain attention, regulatory bodies like the European Securities and Markets Authority (ESMA) are looking into MEV as a potential form of illegal market abuse under the proposed technical standards for the Markets in Crypto-Assets (MiCA) regulation. In a related development, an anonymous MEV bot operator refunded $70k in ETH from a Curve Finance attack.