MEVbots backdoor drains users’ Ethereum funds via arbitrage trading bot
MEV gain, an Ethereum arbitrage trading bot built by MEVbots, which claims to provide stress-free passive income, has been actively draining its users’ funds via a fund-stealing backdoor.
Arbitrage bots are programs that automate trading for profits based on historical market information. An investigation of MEVbots’ contract revealed a backdoor that allows the creators to drain Ether (ETH) from its users’ wallets.
Our analysis confirms what the @mevbots promotes for the so-called “MEV gain” has a fund-stealing backdoor. Do *NOT* fall prey to it https://t.co/z2eDqMF36b. And thanks @monkwithchaos for the heads-up https://t.co/dhSNGljoH0 pic.twitter.com/HWfCAwbae4
— PeckShield Inc. (@peckshield) September 23, 2022
The scam was first pointed out by Crypto Twitter’s monkwithchaos and later confirmed by blockchain investigator Peckshield.
Following the revelation, primary promoter of MEV chemzyeth disappeared from the internet.
Peckshield further confirmed that at least six users had fallen victim to the backdoor attack.
However, considering that the contract is still active, at least 13,000 unwary followers of MEVbots on Twitter remain at risk of losing their funds.
Related: ETHW confirms contract vulnerability exploit, dismisses replay attack claims
Carrying forward the success of scalability-focused layer-2 solutions, Ethereum co-founder Vitalik Buterin shared his vision for layer-3 protocols. He stated:
“A three-layer scaling architecture that consists of stacking the same scaling scheme on top of itself generally does not work well. Rollups on top of rollups, where the two layers of rollups use the same technology, certainly do not.”
One of the use cases for layer-3 protocols, according to Buterin, is “customized functionality” — aimed at privacy-based applications which would utilize zk proofs to submit privacy-preserving transactions to layer 2.