Ethereum's biggest 'sandwich' bot drained of $7.5M in ironic exploit

The largest 'sandwich' bot on Ethereum, a type of trading bot that front-runs and back-runs other users' transactions to extract profit, was itself exploited and drained of $7.5 million in an ironic twist. The bot, which carries out so-called 'sandwich attacks' on unsuspecting traders, was compromised due to a vulnerability in its code.

The exploit was discovered on June 20, 2026, and the funds were siphoned off within hours. The exact nature of the vulnerability has not been disclosed publicly, but the incident serves as a stark reminder of the risks inherent in even the most advanced automated trading tools in decentralized finance (DeFi).

The irony of a bot that profits from exploiting others being exploited itself has drawn attention to the security challenges within the Ethereum ecosystem. For everyday users, this highlights the need for caution when trading in environments populated by such bots, as well as the importance of thorough security audits for DeFi tools.

Moving forward, users should watch for updates from the bot's operators on how they plan to secure the system and whether any funds can be recovered. The incident also underscores the broader need for transparency and rigorous security practices in DeFi to prevent similar exploits in the future.