The notorious MEV sandwich bot, known as “arsc,” has managed to siphon off approximately $30 million from Solana users over the past two months through MEV attacks.
In these attacks, the perpetrator strategically places the victim’s transaction between their own two transactions to manipulate prices and make a profit by buying the victim’s tokens at a discounted price and selling them in the same block.
Ben Coverston, the founder of cryptocurrency firm MRGN Research, revealed in a post on X on June 15 that “arsc” has been operating discreetly while generating profits from unsuspecting Solana network users.
One of the bot’s main wallet addresses, “9973h…zyWp6,” is believed to be primarily used for cold storage, holding over $19 million in total funds, including $17 million worth of Solana (SOL) tokens and $1.1 million in Circle’s USD Coin (USDC) stablecoin, as well as smaller amounts of wrapped-SOL (wSOL), Cringe Coin (CRINGE), and Kabosu (KAB).
Another active wallet, with the address “Ai4zq…VXKKT,” is heavily involved in decentralized finance activities, gradually converting SOL into USDC via JUP DCA and holding significant positions in Kamino and various LSTs, with over $9.9 million in total funds consisting mainly of non-SOL tokens.
Coverston also identified a third wallet address, “BCbrp…vi58q,” which he believes serves as arsc’s primary SOL bank, utilizing multiple signers and tippers to carry out the sandwich attacks.
In total, these three wallets hold around $29.8 million at current prices, with the operator behind arsc seemingly making an effort to maintain a low profile.
MEV sandwich bots like arsc employ sophisticated algorithms to exploit profit opportunities, a common practice not only on Solana but also on Ethereum, where over $1.38 billion has been lost by Ethereum users to MEV attacks as of April 2023, according to MEVBlocker.
In conclusion, users should exercise caution when investing in Solana memecoins to avoid falling victim to malicious actors like arsc.