• A record 35.5% of BNB Smart Chain blocks faced sandwich attacks on December 1, affecting $1.5 billion in trading volume across 43,400 transactions.
• Experts highlight DEX vulnerabilities and propose solutions like increased liquidity, private relayers, and better transaction safeguards.

On December 1, over a third of BNB Smart Chain blocks were infiltrated by sandwich attacks, marking a significant surge in the exploit that targets decentralized exchange (DEX) users. Data from Dune Analytics revealed that 35.5% of blocks contained such attacks, impacting over $1.5 billion in trading volume across 43,400 transactions in a single day.

Sandwich attacks involve manipulating transaction ordering on DEX platforms. Attackers sandwich a victim’s transaction between their own buy and sell orders, inflating the token price and profiting from the difference. The process, typically automated by maximal extracted value (MEV) bots, takes advantage of vulnerabilities in the blockchain’s infrastructure.

Alejandro Munoz-McDonald, a smart contract engineer at cybersecurity firm Immunefi, explained that these attacks exploit the transparency of blockchain transactions.

“When a user submits a transaction, it enters the mempool, where it waits for inclusion in a block. This allows attackers to see transaction details and manipulate the order by offering higher fees to miners,” he said.

Low liquidity on certain DEX platforms exacerbates the problem, as smaller pools are more susceptible to price swings. Jean Rausis, co-founder of the decentralized finance platform SMARDEX, suggested that incentivizing liquidity through rewards or partnerships could reduce the attractiveness of such exploits. Larger liquidity pools stabilize prices, making it harder for attackers to profit.

Solutions are emerging to counter the issue. Rausis recommended splitting trades across multiple pools using DEX aggregators, while Munoz-McDonald highlighted the importance of minimum expected return features, which cancel transactions if desired returns are not met. Users can also safeguard themselves by using private relayers that hide trades until block inclusion.

Jeremiah O’Connor, CTO and co-founder of Trugard, advocated for a structural overhaul, including separating block creation and validation processes to keep transactions private. He urged the blockchain community to adopt standardized security practices to mitigate such risks.

Editorial Note: This news article has been written with assistance from AI. Edited & fact-checked by Harshajit Sarmah.