MEV Sandwich Attacks: The Invisible Tax on Every Trade

$220,764 in USDC became $5,271 of USDT in eight seconds. The trader thought stablecoins were safe. The bot knew better.

MEV sandwich attack diagram

On March 12, 2025, someone tried to swap $220,764 of USDC for USDT on Uniswap v3. Two stablecoins. Both pegged to the dollar. Should have been close to 1:1. They received $5,271. They lost 98% of their money in eight seconds. Not to a hacker. Not to a scam. To a bot.

The bot executed what is called a sandwich attack. It saw the pending swap in the public mempool - the waiting room where transactions sit before they are confirmed. The bot moved first. It drained all the USDC liquidity out of the Uniswap v3 pool. The victim's swap then executed at a catastrophic exchange rate because the pool was empty. The bot put the liquidity back immediately after. Eight seconds, start to finish.

The bot tipped the Ethereum block builder "bob-the-builder.eth" $200,000 from the stolen value. The bot operator kept about $8,000 in profit. The victim kept $5,271 of what was supposed to be $220,764. The math is brutal: 97.6% extraction.

This was not an isolated case. Two more wallets were hit with the same attack within four minutes, losing $138,838 and $128,003 in identical USDC-to-USDT swaps. Whether these were separate victims or coordinated transactions is debated. DefiLlama's founder 0xngmi speculated publicly that the trades could be deliberate money laundering - constructing a transaction designed to be sandwiched, then privately routing it to a friendly bot. If you have illicit funds, you construct a trade that loses money on purpose, and the "loss" gets cleaned through the bot. Laundering with close to zero actual cost.

EigenPhi data covering November 2024 through October 2025 recorded over 95,000 sandwich attacks on Ethereum alone, extracting approximately $60 million from traders. On Solana, sandwich bots extracted between $370 million and $500 million over a 16-month period ending May 2025. A single entity known as "Jaredfromsubway.eth" controlled roughly 70% of all sandwich attacks on Ethereum in 2025. The average profit per attack dropped to just $3, but at industrial volume that adds up.

The defense exists but most people do not use it. Flashbots Protect and MEV Blocker allow users to submit transactions through private relays that bypass the public mempool. By early 2025, private routing handled over 50% of all Ethereum transactions. Protocols like CoW Swap use batch auctions that eliminate the ordering advantage bots exploit. But the victim in this case did not use Uniswap's front end, which has built-in MEV protection and default slippage settings. They went direct to the contract. No guardrails.

MEV is not a bug. It is a feature of how blockchains process transactions. Anyone can see pending trades. Anyone can pay to get their transaction processed first. The system is working as designed. The design just happens to let bots eat your lunch in eight seconds flat. Stablecoins are not safe. Dollar-pegged means nothing when the pool is empty.