An Ethereum arbitrage trading bot managed to win and lose the jackpot on the same day in a ridiculous turn of events in decentralized finance (DeFi).
Robert Miller of research firm Flashbots tweeted how a maximum extractable value (MEV) bot with the prefix 0xbadc0de was able to earn 800 ether (ETH), or about $1 million, through arbitrage trades.
According to Miller, the bot took advantage of a huge arbitrage opportunity that came when a trader tried to sell $1.8 million in cUSDC through Uniswap v2 decentralized exchange (DEX) and received just $500 worth of assets in return. Having discovered this opportunity, the bot immediately launched and made a huge profit.
However, just an hour later, a hacker exploited a vulnerability in the “bad code” 0xbadc0de and tricked him into allowing a transaction that depleted his balance of 1,101 ETH, which at the time of writing was about $1.41 million.
According to blockchain security firm PeckShield, the vulnerability can be traced back to a bot callback procedure that a hacker used to allow a transaction to be made from an arbitrary address.
RELATED: Pantera CEO optimistic about DeFi, Web3 and NFT as Token2049 launches
On September 18, a vulnerability was exploited in the Ethereum vanity address generator, resulting in $3.3 million being withdrawn from various wallets. Investigations by the 1-inch Decentralized Exchange (DEX) aggregator network have revealed ambiguity regarding the creation of wallets. The DEX has warned users that their wallets are at risk and encouraged them to transfer their assets.
Over a week later, another ego wallet address was used and almost $1 million in ETH was leaked. After the money was stolen, the hackers immediately sent it to the controversial crypto mixer Tornado Cash.