link.png

ID:

mevbot-0xbad-1181

Date:

Status:

Incident Count:

September 27, 2022

Verified

1

info.png
target.png
REKT

Contributor:

chain.png

web3rekt.com

KYC By:

KYC:

None

info.png

Audit By:

Audits:

None

Loss Amount:

1,459,510

info.png

Recovered:

-

Rewards:

Ticker:

USD, ETH

info.png

Key Indicators

Platform:

Type:

Category:

Method:

Data Sources:

Ethereum

MEVBots

Assets

Contract Vulnerabilities

Extended Method:

Bug in callFunction allowing exploiter to set address for spending to his own

info.png

Days in Operation:

0

chain.png
chain.png
chain.png
chain.png
datasource.png

According to bertcmiller, xbaDc0dE is the prefix of the contract for a mempool bot that's been pretty active on ETH in the last few months. In that time they sent ~220k transactions to Ethereum, in all arbs or trying to cancel arbs. Earlier today some poor soul tried to sell $1.8m in cUSDC on Uniswap v2 (!). They got ~$500 out in return. The profit from this was ~800 ETH!

Peckshield Alert reported a very profitable MEV bot, internally named as 0xbad (0xbaDc0dE), was somehow tricked/hacked with 1,101 ETH loss (~$1.45M). The bot owner posted an onchain message as follows:

Congratulations on this, we got careless and you sure managed to get us good, that was not easy to see. We would like this cooperate with you on resolving this matter. Return the funds to 0x19603D249DF53d8b1650c762c4dF31f013Dce840 before September 28 at 23:59 GMT and we will consider this a whitehat, we will give you 20% of the retrieved amount as a bug bounty, payable as you see fit. Should the funds not be returned by then, we will have no choice but to pursue accordingly with everything in our power with the appropriate authorities to retrieve our funds.

info.png

DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose. 

Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.