A sandwich attack is a type of MEV (Maximal Extractable Value) exploit that takes advantage of pending, not-yet-confirmed transactions in DeFi trading. MEV refers to the maximum value that miners or validators can extract by reordering, including, or censoring transactions within a single block during block production. In DeFi, searcher bots routinely capture MEV using techniques like front-running (placing a transaction immediately before a target) and back-running (placing one immediately after it). When both are applied to the same target transaction within a single block, the result is a sandwich attack: the attacker inserts their own transactions on either side of a user’s trade, effectively “sandwiching” it.
One of the most extreme examples comes from the infamous “jaredfromsubway.” This well-known MEV bot operator pocketed over $1 million in just one week through a string of sandwich attacks targeting traders of the Pepe (PEPE) and Wojak (WOJAK) memecoins.
Here’s how it works:
1. Front-running: The attacker detects a pending transaction (usually a large buy order) that has been broadcast to the network but not yet included in a block, and places their own buy order so that it executes right before the original trade. This pushes the price up just before the user’s trade executes.
2. User’s trade: The user’s transaction goes through at the now artificially inflated price. They receive fewer tokens than expected due to the sudden price increase caused by the attacker’s buy order.
3. Back-running: Once the user’s trade is executed, the attacker sells their tokens at the inflated price, effectively locking in a profit at the user’s expense.
The user is “sandwiched” between the attacker’s two trades, ultimately paying significantly more for their trade than initially expected.
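The three steps above can be reproduced with a toy constant-product pool. The code below is an added example, not part of the original article or any real bot or protocol: it assumes an x*y=k pool with a 0.3% swap fee in the style of a Uniswap v2 pair, and the reserve and trade sizes are constructed. Beyond the steps listed above, it also shows the check a user's wallet or router applies to limit the damage: a minimum-output (slippage) bound on the swap. With no bound, the user's trade fills at the moved price and the back-run locks in the attacker's gain; with a tight bound, the user's trade reverts and the attacker is left selling back into an unmoved price, paying fees for nothing.

```python
"""Constant-product AMM model of a sandwiched swap (added example, not from the article).

Assumptions: an x*y=k pool with a 0.3% swap fee (Uniswap v2 style), constructed
reserves of 1,000 ETH / 1,000,000 TOK, and constructed trade sizes.
"""
from dataclasses import dataclass

SWAP_FEE = 0.003  # assumption: 0.3% fee charged on every swap


class SlippageExceeded(Exception):
    """Raised when a swap would return less than the caller's minimum output."""


@dataclass
class Pool:
    """Two-asset constant-product pool: reserve_eth * reserve_tok stays constant."""
    reserve_eth: float
    reserve_tok: float

    def quote_tok_out(self, eth_in: float) -> float:
        """TOK received for eth_in at the current reserves, after the fee."""
        eth_net = eth_in * (1 - SWAP_FEE)
        return self.reserve_tok * eth_net / (self.reserve_eth + eth_net)

    def quote_eth_out(self, tok_in: float) -> float:
        """ETH received for tok_in at the current reserves, after the fee."""
        tok_net = tok_in * (1 - SWAP_FEE)
        return self.reserve_eth * tok_net / (self.reserve_tok + tok_net)

    def buy_tok(self, eth_in: float, min_tok_out: float = 0.0) -> float:
        """Swap ETH for TOK; revert (raise) if the output falls below min_tok_out."""
        out = self.quote_tok_out(eth_in)
        if out < min_tok_out:
            raise SlippageExceeded(f"would receive {out:.2f} TOK, minimum is {min_tok_out:.2f}")
        self.reserve_eth += eth_in
        self.reserve_tok -= out
        return out

    def sell_tok(self, tok_in: float, min_eth_out: float = 0.0) -> float:
        """Swap TOK for ETH; revert (raise) if the output falls below min_eth_out."""
        out = self.quote_eth_out(tok_in)
        if out < min_eth_out:
            raise SlippageExceeded(f"would receive {out:.4f} ETH, minimum is {min_eth_out:.4f}")
        self.reserve_tok += tok_in
        self.reserve_eth -= out
        return out


def simulate_sandwich(user_eth: float, frontrun_eth: float, slippage_tolerance: float) -> dict:
    """Run front-run, user swap and back-run on a fresh pool and report the outcome.

    slippage_tolerance is the fraction below the pre-trade quote the user will
    still accept (0.005 = 0.5%; 1.0 means no protection at all).
    """
    pool = Pool(reserve_eth=1_000.0, reserve_tok=1_000_000.0)  # constructed reserves

    # The user signs against the quote from the pool state they observed.
    user_expected = pool.quote_tok_out(user_eth)
    min_out = user_expected * (1 - slippage_tolerance)

    # Step 1, front-running: the attacker's buy lands first and raises the TOK price.
    attacker_tok = pool.buy_tok(frontrun_eth)

    # Step 2, user's trade: executes against the moved price, or reverts on the bound.
    try:
        user_received = pool.buy_tok(user_eth, min_tok_out=min_out)
        reverted = False
    except SlippageExceeded:
        user_received = 0.0
        reverted = True

    # Step 3, back-running: the attacker sells into whatever price now stands.
    attacker_eth_back = pool.sell_tok(attacker_tok)

    return {
        "reverted": reverted,
        "user_expected_tok": user_expected,
        "user_received_tok": user_received,
        "user_shortfall_tok": 0.0 if reverted else user_expected - user_received,
        "attacker_profit_eth": attacker_eth_back - frontrun_eth,
    }


if __name__ == "__main__":
    for tol in (1.0, 0.005):
        print(f"slippage tolerance {tol:.1%}:", simulate_sandwich(10.0, 50.0, tol))
```

Running the script prints both outcomes for a 10 ETH user buy front-run by 50 ETH: with no bound the user receives roughly 9% fewer tokens than quoted and the attacker ends slightly ahead after the round trip; with a 0.5% bound the user's swap reverts and the attacker's round trip ends below break-even because of the fees. The size of the front-run the attacker can profitably place is capped by the user's tolerance, which is why wallets set and surface this bound.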