MEV Attack
Learn what an MEV attack is, how it works, and how users can reduce risk in Web3.
What Is an MEV Attack?
An MEV attack (Maximal Extractable Value attack) occurs when someone like a block producer or privileged actor, frequently an automated bot, manipulates the order of transactions. The MEV attacker reorders, inserts, or censors transactions to extract profit.
MEV, first referenced in 2019, exists because transactions are public and visible before final inclusion in a block, creating opportunities to manipulate ordering for financial gain.
While MEV is not always malicious and considered a secret tax by many, MEV attacks make crypto markets less fair, increase price slippage, and can destabilize DeFi protocols. On fast chains, MEV extraction is often automated and highly competitive, compounding crypto user losses during volatile periods.
How It Works
Attackers monitor a blockchain’s mempool (a waiting room for transactions) for profitable trades, liquidations, or arbitrage. By placing their own transactions before or after a victim’s transaction, they can profit at the victim’s expense.
Common MEV strategies include: front-running, back-running, and sandwich attacks.
Example: The Sandwich Attack
So-called sandwich attacks are a particularly nasty form of MEV extraction.
Let’s say you’re trying to buy a popular token on a decentralized exchange (DEX). You place an order to buy $1,000 of Token X. Your transaction goes into the “mempool”.
- An MEV bot sees your trade in the waiting room. It knows your large purchase will raise the price of Token X.
- The bot frontruns you. It quickly buys Token X before you, paying a higher transaction fee to make sure its trade happens first. This raises the price.
- Your $1,000 purchase goes through at the new, higher price, raising the price even more.
- The bot immediately sells its tokens at the new, higher price, making a profit (backrunning).
End result: You get fewer tokens than you expected (high slippage), and the bot pockets the difference. You are “sandwiched”.
How to Reduce Risk
- Use MEV-resistant remote procedure calls (RPCs) or private transaction relays where available
- Avoid trading during high volatility and low liquidity
- Set slippage limits in your wallet
- Install a Web3 security tool like the Kerberus browser extension for real-time protection
Written by:
Werner Vermaak is a Web3 author and crypto journalist with a strong interest in cybersecurity, DeFi, and emerging blockchain infrastructure. With more than eight years of industry experience creating over 1000 educational articles for leading Web3 teams, he produces clear, accurate, and actionable organic material for crypto users.
- •8+ years in crypto & blockchain journalism
- •1000+ educational articles for leading Web3 teams
- •Former content lead at CoinMarketCap, Bybit, OKX
Related Terms
See more glossary terms
Install once & immediately get protected from scams, phishing and hacks. Zero losses for 250k+ users in 3 years. Now with up to $30,000 in coverage.
