The notorious maximal extractible value (MEV) sandwich bot, known as 'arsc,' has accumulated approximately $30 million from Solana users in the past two months through MEV attacks. An MEV sandwich attack occurs when an attacker strategically places a victim's transaction between two of their own transactions to manipulate prices and profit. By buying the victim's token at a lower price than market value and selling it in the same block, they exploit the system to their advantage.

In a recent post on X, Ben Coverston, the founder of cryptocurrency firm MRGN Research, described 'arsc' as a bot that has actively avoided detection while generating profits from the Solana network. The bot's primary wallet address, '9973h…zyWp6,' is believed to be used mainly for cold storage, with holdings of over $19 million consisting of Solana tokens, Circle's USD Coin, wrapped-SOL, Cringe Coin, and Kabosu.

Another wallet, with the address 'Ai4zq…VXKKT,' is more engaged in decentralized finance activities, converting SOL into USDC through JUP DCA and having significant positions in Kamino and various LSTs. This wallet holds approximately $9.9 million in total funds, comprising mostly non-SOL tokens.

Coverston identified a third wallet, 'BCbrp…vi58q,' as 'arsc's' primary SOL bank, utilizing multiple signers and tippers to conduct sandwich attacks. The combined holdings of the three wallets amount to $29.8 million at current prices as the operator behind 'arsc' maintains a low profile to avoid unwanted attention.

MEV sandwich bots employ sophisticated algorithms to exploit profit opportunities and are prevalent not only in Solana but also in Ethereum. These bots have caused significant losses to Ethereum users and have been a concerning issue in the crypto space. Understanding the tactics and strategies used by such bots is crucial to mitigating risks and protecting assets in decentralized networks.