MEVbots backdoor drains users’ Ethereum funds via arbitrage trading bot

MEV gain, an Ethereum (ETH) arbitrage trading bot created by MEVbots, which claims to provide stress-free passive income, has been actively draining its users’ funds via a fund-stealing backdoor.

Arbitrage bots are programs that automate trading for profit based on historical market information. An investigation of the MEVbots contract revealed a backdoor that allows creators to drain Ether from their users’ wallets.

The scam was first pointed out by Crypto Twitter’s @monkwithchaos and later confirmed by blockchain researcher Peckshield.

Suspicious account @chemzyeth promoting MEV services. Source: Google cache

Following the revelation, MEV’s lead promoter @chemzyeth disappeared from the internet.

The @chemzyeth Twitter account has been removed following the community call. Source: Twitter

Peckshield further confirmed that at least six users had fallen victim to the backdoor attack.

Backdoor Stolen Funds Transaction MEV Gain Funds Theft. Source: Peckshield

However, given that the contract is still active, at least 13,000 unwary MEVbots Twitter followers remain at risk of losing their funds.

Related: ETHW confirms exploit of contract vulnerability, rejects replay attack claims

To build on the success of layer 2 solutions focused on scalability, Ethereum co-founder Vitalik Buterin shared his vision for layer 3 protocols. He stated:

“A three-layer scaling architecture that stacks the same scaling scheme on top of itself generally doesn’t work well. Rollups on top of rollups, where both layers of rollups use the same technology, certainly don’t.

One of the use cases for Layer 3 protocols, according to Buterin, is “custom functionality,” aimed at privacy-driven applications that would use zk proofs to send privacy-preserving transactions to Layer 2.