A cryptocurrency trader lost nearly 98% of their funds in a sandwich attack while attempting to swap $220,764 worth of USD Coin (USDC) for Tether (USDT) on March 12. The trader ended up receiving just $5,271 after the transaction was front-run by a Maximum Extractable Value (MEV) bot.

According to on-chain data, the attack took place on Uniswap v3’s USDC-USDT liquidity pool, which holds around $19.8 million in locked value. 

The MEV bot exploited the trader by temporarily draining all USDC liquidity from the pool before the swap was executed, only to restore it moments later. As a result, the bot siphoned off approximately $215,500 from the trade.

Michael Nadeau, founder of The DeFi Report, explained that the attacker successfully front-ran the transaction by withdrawing all available USDC liquidity, executing the victim's trade under unfavorable conditions, and then replenishing the pool. 

The attacker tipped Ethereum block builder ‘bob-the-builder.eth’ $200,000 from the swap and profited $8,000 themselves. Further investigation by DeFi researcher “DeFiac” suggests that the same trader, using different wallets, may have fallen victim to similar sandwich attacks at least six times. 

Data indicates that the funds involved in these transactions were initially borrowed from the Aave protocol before being used on Uniswap. Two additional wallets were targeted in sandwich attacks around the same time, suffering losses of $138,838 and $128,003, respectively. These wallets attempted to make the same USDC-to-USDT swap as the primary victim.

While some see this as a case of predatory MEV tactics, others speculate the transactions could be attempts at money laundering. 

Crypto data dashboard DefiLlama’s founder, 0xngmi, suggested that illicit actors could deliberately construct MEV-exploitable transactions and privately share them with bots to obscure the origin of funds. He theorized that if someone had illicit funds, they could construct a very MEV-able transaction, then privately send it to an MEV bot and have them arbitrage it in a bundle, effectively washing the money with close to zero losses.

Initial criticism was directed at Uniswap for not protecting users from such exploits. However, after further clarification, Nadeau acknowledged that the transactions did not originate from Uniswap’s front end, which has built-in MEV protection and default slippage settings. Uniswap CEO Hayden Adams and others pointed out that the platform already includes safeguards against sandwich attacks, but users who bypass these settings or use custom routes may still be vulnerable.

Nadeau outlined that traders can mitigate the risk of MEV attacks by reducing slippage tolerance on transactions, using decentralized aggregators like CowSwap for more secure execution, and utilizing a custom RPC that does not publicly expose transactions before they are confirmed.