MEVbots backdoor drains users’ Ethereum funds via arbitrage trading bot

MEV Gain, an Ethereum (ETH), arbitrage trading bot created by MEVbots, has been actively draining its user’s funds via a fund-stealing Backdoor.

Arbitrage bots automate trading to make profits using historical market data. A look at MEVbots’ contract revealed that there is a backdoor that allows its creators to take Ether from its users’ accounts.

Our analysis shows that the “MEV Gain” promoted by @mevbots has a backdoor to fund-stealing. Do *NOT* fall prey to it And thanks @monkwithchaos for the heads-up
— PeckShield Inc., (@peckshield), September 23, 2022

This scam was first discovered by Crypto Twitter’s @monkwithchaos, and then confirmed by Peckshield, a blockchain investigator.

@chemzyeth suspect account promoting MEV services. Source: Google cache

After the revelation, the primary promoter of MEV @chemzyeth vanished from the internet.

After a community callout, @chemzyeth’s twitter account was deleted. Source: Twitter

Peckshield confirmed that at most six people had been affected by the backdoor attack.

Transaction of stolen funds through MEV gain’s backdoor fund-stealing scheme. Source: Peckshield

Nevertheless, the contract is still in effect, so at least 13,000 Twitter followers of MEVbots are at risk of losing their funds.

Related: ETHW dismisses replay attack claims, confirms contract vulnerability exploit

Vitalik Buterin, Ethereum cofounder, shared his vision for layer-3 protocols to continue the success of layer-2 solutions that are scalable-focused. He said:

A three-layer scaling structure that involves stacking the same scaling schemes on top of each other is not recommended. Rollups on top rollups are not a good idea, especially if the two layers of rollups have the same technology.

Buterin says that layer-3 protocols can be used for “customized functionality”, which is privacy-based applications that use zk proofs in order to submit privacy-preserving transactions at layer 2.

Close Bitnami banner