Crypto Trader Sandwich Attack Costs $215K in Stablecoin Swap

Key Points

•  Crypto Trader Sandwich Attack Costs $215K in Stablecoin Swap
• The attack happened on Uniswap v3’s USDC-USDT liquidity pool.
• An MEV bot front-ran the trade, draining 98% of the value.
• Experts suspect the trader was hit by similar attacks multiple times.

A crypto trader suffered a devastating loss of $215,000 on March 12 after falling victim to a sandwich attack while swapping $220,764 worth of USD Coin (USDC) for Tether (USDT) on Uniswap v3.

Is anyone safe using DeFi?

A user on @Uniswap v3 was just sandwiched attacked out of $216k while simply trying to swap $221k USDC to USDT.

Mind you, this was a pool that had over $35m of USDC and USDT it.

This is insane.

How did it happen?

An MEV bot front-ran the tx by… pic.twitter.com/cyzu4M6qfz

— Michael Nadeau | The DeFi Report (@JustDeauIt) March 12, 2025

Within just eight seconds, the transaction was manipulated by a Maximum Extractable Value (MEV) bot, which siphoned nearly all the value before the trader could complete their swap.

According to Ethereum block explorer data, the attack occurred within the USDC-USDT liquidity pool on Uniswap v3, where approximately $19.8 million is locked.

Details of the sandwich attack transaction. Source: Etherscan – Techtoken

The bot front-ran the trader’s transaction by temporarily withdrawing all USDC liquidity from the pool, forcing the trader to receive a drastically reduced amount of USDT. Once the trade was executed, the bot restored the liquidity, profiting from the slippage created.

Crypto researcher Michael Nadeau, founder of The DeFi Report, analyzed the attack and revealed that the attacker tipped Ethereum block builder “bob-the-builder.eth” a staggering $200,000 from the swap. Meanwhile, the attacker themselves pocketed an $8,000 profit.

Was This Trader Targeted Multiple Times?

DeFi researcher “DeFiac” believes that the same trader—or at least someone using different wallets—may have been attacked five more times on the same day.

Using internal tracking tools, DeFiac pointed out that the transactions were funded through the Aave lending protocol before being sent to Uniswap, suggesting a repeated pattern of exploitation.

Tx hashes: pic.twitter.com/krG2kfZjto

— DeFiac (@TheDEFIac) March 12, 2025

At least two other wallet addresses, “0xDDe…42a6D” and “0x999…1D215”, were hit by MEV sandwich attacks within minutes of the first exploit. These wallets lost $138,838 and $128,003, respectively, in nearly identical transactions.

This unusual pattern led some analysts to speculate whether the trades were not accidental, but possibly an attempt at money laundering.

The founder of crypto analytics platform DefiLlama, 0xngmi, suggested that bad actors could deliberately construct MEV-friendly transactions and privately submit them to MEV bots to clean illicit funds. Similar concerns have been raised in recent suspicious transactions linked to Hyperliquid money laundering fears.

Rising Risks in DeFi and Crypto Markets

This case is another example of the rising risks associated with decentralized finance (DeFi). Recently, the US crypto airdrop losses have exceeded $5 billion due to geoblocking, highlighting how different attack vectors are impacting users.

Meanwhile, concerns over regulatory actions are also growing, with the US House voting to overturn the IRS DeFi broker rule, potentially affecting how transactions like these are taxed and reported.

The crypto market is also experiencing volatility, with Bitcoin price gains following inflation reports but Solana’s price drop raising concerns over potential market corrections.

While Uniswap initially faced criticism for the attack, its CEO Hayden Adams clarified that Uniswap’s official front end has built-in MEV protection and default slippage settings. This suggests that the exploited trader might have used a third-party front end without these safeguards, leaving them vulnerable to the attack.

Source: Hayden Adams – Techtoken

As the crypto space evolves, MEV attacks continue to pose a significant risk to traders using decentralized exchanges. Ensuring proper slippage settings, utilizing MEV-protected platforms, and staying informed about potential threats are crucial steps to avoid falling victim to such exploits.